none
Publish Exchange 2013 through UAG 2010 and enable SSL offloading through two layers of Citrix NLB - Netscaler

    Question

  • My Design as followed:

    1. Exchange 2013 CAS servers - SSL offloading enabled - Internal Network
    2. Citrix NetScaler NLB for CAS servers - configured as HTTPS - Internal Network - Public certificate
    3. UAG servers as one array - (I need to allow SSL offloading !!) - DMZ Network
    4. Citrix NetScaler NLB for UAG Array members - configured as HTTPS - DMZ Network - Public Certificate

    Please help me how to configure UAG ???

    I tried to create the trunk as HTTP connection not HTTPS and tested it and the result was that the site opens for seconds and then the URL redirected automatically to (http), session failed, if I added the (s) again and refresh, session continue for seconds and then redirected to http again and so on ... every time (https) lasts for only few seconds but the weird part that after adding (s) again the session continue just fine to the next step for seconds !!!

    please help :)

    Sunday, March 30, 2014 1:07 PM

Answers

  • I figured at last an applicable setup for this, allow offloading only on the CAS servers with internal Citrix NLB and all other traffic from (Internet to external NLB to UAG to Internal NLB) will be secured via SSL.

    It's too complicated to offload the certificate twice, just offload it once for CAS servers.

    Tuesday, August 19, 2014 10:03 AM

All replies

  • Hi ,

    Were you able to confirm the correct config for this setup?

    Thanks

    Friday, June 27, 2014 5:40 PM
  • I figured at last an applicable setup for this, allow offloading only on the CAS servers with internal Citrix NLB and all other traffic from (Internet to external NLB to UAG to Internal NLB) will be secured via SSL.

    It's too complicated to offload the certificate twice, just offload it once for CAS servers.

    Tuesday, August 19, 2014 10:03 AM