Forum Discussion

Pham_Khoa's avatar
Pham_Khoa
Icon for Nimbostratus rankNimbostratus
May 29, 2020

Can not Access Mail Exchange (443) when Enabled Policy ASM but in mode Transparent

Hi all Specialist, Expert,

Today i have a problem when transfer Traffic Mail to F5: POP3S, IMAP4S, SMTPS, HTTP-Based (owa, autodiscover...)

Our module enabled is:

  • LTM: Using least connections, caching, compress, datasafe...
  • AWAF: We using Policy with Mode Transparent

When we enable Application the AWAF Policy for the Virtual Server, then we can access Mail through Web Browser, POP3, IMAP but with Outlook user can not login (Always trying to reconnect)

If we disabled the AWAF Policy, it works well.

 

Does anyone know this issue or have some ideas please share and provide me

Thank you so much

4 Replies

  • Hello Pham,

    Do you mean that you don't have access from Outlook application (not from browser)?

    If yes, then to make application work you need to enable "Mobile Applications" in Bot profile or DoS profile (depends on version of BIG-IP) and attach appropriate profile to VS.

    Thanks, Ivan

  • Hi Ivan,

    Thansk for you advice.

    The problems is when i use Outlook, Exchange i can not access.

    I access normally with Web browser ...

    When i enable Bot Profile and DOS Profile, it's ok

    But when i enable Application Security Policy, its fail

  • Could you try to enable Mobile Application in Bot profile and try it?

    It effects ASM policy too.

    Thanks, Ivan

  • Is it resolved? if yes please share the workaround.

    Facing the same issue.

     

    Log /var/log/ts/bd.log:

    websocket.c:0266|101 Switching Protocols HTTP status arrived, but the websocket hanshake failed.

    websocket.c:0267|Possible reasons are websocket profile isn't assigned on a virtual server or handshake is illegal.

     

    applies websocket profile but, not resolved.