Thanks Emilio... I assumed that with the "HTTPS Backends" feature we wouldn't
need to make the "Farm listener" set to HTTPS and thus not need the cert. We
don't want to terminate SSL at the load balancers (especially as the private
key is stored in clear-text).... so the cert is absolutely still needed?
The Exch13 servers are handling OWA, ActiveSync, and SMTP - but we're only
trying to load-balance OWA and ActiveSync via TCP443 at this time. On the same
pair of ZENLB servers we have two farms configured for the same pair of Exch13
servers:
- one farm is set to TCP on 443 / round-robin... and this one works fine- the
other farm is set to HTTP / Farm listener is HTTP / Service has HTTPS Backends
enabled... this works somewhat for OWA but Activesync (Outlook) doesn't work at
all.
If we don't want to put the cert/key in the load balancer, should TCP 443 with
round-robin be fine for Exch13 servers OWA/Actsync?
- Kevin.
Date: Thu, 31 Oct 2013 16:53:07 +0100
From: [email protected]
To: [email protected]
Subject: Re: [Zenloadbalancer-support] HTTPS Backends and Exchange in 3.03
I forgot to mention that you have to enable https and configure the ssl cert
for your farm
Regards
2013/10/31 Emilio Campos <[email protected]>
When you talk about exchange 2013, are you talking about OWA Service, https
servers in 443 in backend, in that case you have to configure a HTTP farm with
a Service, i.e. owa name, enable in this service the HTTPS backends field and
add the owa exchange server IP with 443 port enabled.
For review the connection from your load balancer run a telnet to backends,
something like this:
from zen in command line:
telnet exchange_owa_server1 443
telnet excange_owa_server2 443
An let us know
2013/10/31 kevin mahadeo <[email protected]>
I was happy to see the the HTTPS Backends feature as we don't want to offload
ssl... but I'm having trouble with our Exchange 2013 farm (two servers). I've
been testing a farm set to just TCP on 443, round robin, and farmguardian to
check for the login.aspx page - this has been working in test.
I've tried to setup a farm based on HTTP with default settings, farm listener
set to HTTP, then under the service I've enabled HTTPS Backends and no
Farmguardian yet, but I'm unable to connect to the Exchange servers via the
VIP. Is there any guide or recommended settings for Exchange 2013 via 443 and
with no HTTPS cert in ZENLB?
Thanks,
Kevin.
------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
Zenloadbalancer-support mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
--
Load balancer distribution - Open Source Project
http://www.zenloadbalancer.com
Distribution list (subscribe): [email protected]
--
Load balancer distribution - Open Source Project
http://www.zenloadbalancer.com
Distribution list (subscribe): [email protected]
------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
Zenloadbalancer-support mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
Zenloadbalancer-support mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
