Thursday, May 22, 2008

SSL redirection in NLB configuraiton for CAS servers in windows 2008


We have two CAS Servers as NLB cluster on Windows 2008



NLB has A Record in DNS:

OWA access works with https://cas1/exchange or https://cas1/owa or https://cas2/exchange or https://cas2/owa

To redirect incoming to one of the CAS Servers It’s a little different with IIS7.

· You need to go into inetmgr

· Select the default website

· Go to HTTP-Redirection

· Select first option and type only /exchange (or /owa)

· Then select 3rd option

· Save and close Inetmgr

(Sorry, only German Screenshot available)


HTTPS Redirection is similar

· Create SSLRedirect.htm according to below Technet Article and save to C:\inetpub\wwwroot

· Open intetmgr

· Select the default website

· Go to Error codes

· Add new Entry with Error code 403.4 (note the period instead of the semicolon mentioned in article)

· Save and close inetmgr


Double-check the HTTPS redirection URL in your SSLRedirect.htm. The article says https://%3cservername%3e/exchange .

But if you simplified the URL already according to the above settings you need to remove /exchange from the redirection URL here. (e.g.: https://server23 instead of https://server23/exchange )

No comments: