How to Configure a Load Balancing Virtual Server for OWA 2010 on a NetScaler Appliance when the TCP Port 80 is Blocked on the Corporate Firewall

How to Configure a Load Balancing Virtual Server for OWA 2010 on a NetScaler Appliance when the TCP Port 80 is Blocked on the Corporate Firewall

book

Article ID: CTX129005

calendar_today

Updated On:

Description

This artcle contains information about configuring a Load Balancing Virtual Server for Outlook Web Application (OWA) 2010 on a NetScaler appliance when the TCP port 80 is blocked.  

The Citrix NetScaler Deployment Guide for Microsoft Exchange 2010 provides basic instructions to configure the Load Balancing VServer for OWA 2010.

If the end user tries to access OWA by using a non-secure HTTP URL, then you need to configure a HTTP virtual server. The deployment guide contains instructions to redirect the network traffic from the non-secure virtual server to a secure HTTPS virtual server. The guide also contains instructions to set up non-secure services to the backend OWA Client Access Server. In this setup, the non-secure virtual server should be completely accessible to the end user through the TCP port 80. 

Instructions

You must configure the backend servers to accept secure HTTPS connections from the default OWA Web page, and redirect the requests to the “/owa” resources.
To configure the Load Balancing virtual server for OWA 2010 when the TCP port 80 is blocked, complete the following procedure:
Note: You must import a signed certificate to the appliance and bind it to the secure virtual server before proceeding with this procedure.

  1. Run the following commands to create objects for the backend servers from the command line interface of the appliance:

    addserver 192.168.1.154 192.168.1.154
add server 192.168.1.164 192.168.1.164

  2. Run the following commands to create services:

    addservice Exchange_2010_owa1_SSL 192.168.1.154 SSL 443 -gslb NONE -maxClient 0 -maxReq 0 -cip DISABLED -usip NO -useproxyport YES -sp OFF -cltTimeout 180 -svrTimeout 360 -CKA NO -TCPB NO -CMP NO
add service Exchange_2010_owa2_SSL 192.168.1.164 SSL 443 -gslb NONE -maxClient 0 -maxReq 0 -cip DISABLED -usip NO -useproxyport YES -sp OFF -cltTimeout 180 -svrTimeout 360 -CKA NO -TCPB NO -CMP NO

  1. Run the following command to create a Load Balancing virtual server:

    add lb vserver Exchange_2010_owa_SSL SSL 192.168.1.171 443 -persistenceType COOKIEINSERT -cltTimeout 180

  2. Run the following command to bind the services to virtual server:

    bind lb vserver Exchange_2010_owa_SSL Exchange_2010_owa1_SSL
bind lb vserver Exchange_2010_owa_SSL Exchange_2010_owa2_SSL

  3. Run the following command to bind the certificate key pair to virtual server:

    bind ssl vserver Exchange_2010_owa_SSL -certkeyName <certkeyname>

Note: In this scenario, you do not require the URL transformation or rewrite policies referred in the Citrix NetScaler Deployment Guide for Microsoft Exchange 2010.

Issue/Introduction

This artcle contains information about configuring a Load Balancing Virtual Server for Outlook Web Application (OWA) 2010 on a NetScaler appliance when the TCP port 80 is blocked.

Additional Information

Citrix NetScaler Deployment Guide for Microsoft Exchange 2010

Powered by Wolken Software