Scribd
Upload
54 views35 pages

Deployment Guide-MS Exchange 2013

Uploaded by

fargotte
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
54 views35 pages

Deployment Guide-MS Exchange 2013

Uploaded by

fargotte
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 35

MS Exchange 2013

Deployment Guide

UPDATED: 11 January 2018


MS Exchange 2013

Copyright Notices

Copyright © 2002-2018 KEMP Technologies, Inc. All rights reserved. KEMP Technologies and the KEMP
Technologies logo are registered trademarks of KEMP Technologies, Inc.

KEMP Technologies, Inc. reserves all ownership rights for the LoadMaster and KEMP 360 product line
including software and documentation.

Used, under license, U.S. Patent Nos. 6,473,802, 6,374,300, 8,392,563, 8,103,770, 7,831,712, 7,606,912,
7,346,695, 7,287,084 and 6,970,933

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 2


MS Exchange 2013

Table of Contents

1 Introduction 5

1.1 About This Manual 5

1.2 Prerequisites 5

2 Exchange 2013 Overview 6

2.1 Differences Between Exchange 2010 and Exchange 2013 6

2.2 Understanding Server Load Balancing 7

3 Virtual Service Templates 9

4 Configuring Virtual Services for Exchange 2013 11

4.1 HTTPS Virtual Service 11

4.1.1 HTTPS using SubVSs 13

4.1.1.1 Create the Parent Virtual Service 13

4.1.1.2 Create the SubVSs 14

4.1.1.3 Create Content Rules 16

4.1.2 HTTPS Offloading Using SubVSs 18

4.1.3 HTTPS Offloading Using ESP and SubVSs 20

4.2 IMAP Virtual Service 25

4.2.1 IMAP STARTTLS Virtual Service 26

4.2.2 IMAPS Virtual Service 26

4.2.3 IMAPS Offloaded Virtual Service 27

4.3 POP Virtual Service 28

4.3.1 POP with STARTTLS Virtual Service 28

4.3.2 POPS Virtual Service 29

4.3.3 POPS Offloaded Virtual Service 30

4.4 SMTP Virtual Service 30

4.4.1 SMTPS Virtual Service 31

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 3


MS Exchange 2013

4.4.2 SMTP with STARTTLS Virtual Service 32

4.4.3 SMTP with ESP Virtual Service 33

References 34

Last Updated Date 35

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 4


MS Exchange 2013
1 Introduction

1 Introduction
The KEMP LoadMaster combines versatility with ease-of-use to speed deployment of the complete
portfolio of advanced messaging applications and protocols used by Exchange 2013, including Outlook
Web App (OWA), Outlook Anywhere (OA), Exchange ActiveSync (EAS), Simple Mail Transfer Protocol
(SMTP), Post Office Protocol version 3 (POP3) and Internet Message Access Protocol version 4 (IMAP4).
With built-in SSL acceleration and/or overlay, the LoadMaster offloads a key source of CPU drain to
improve the capacity of Client Access Servers (CASs). Layer 7 health checking at the LoadMaster ensures
that if one of the CASs becomes inaccessible, the load balancer will take that server offline, while
automatically re-routing and reconnecting users to other functioning servers.

The entire KEMP LoadMaster product family, including the Virtual LoadMaster (VLM) supports Microsoft
Exchange 2013.

1.1 About This Manual


This manual addresses how to deploy and configure a LoadMaster appliance with Microsoft Exchange
2013.

KEMP’s LoadMaster family of products is available in various models to support networks of different
throughput requirements. Information in this manual applies to all LoadMaster models.

1.2 Prerequisites
It is assumed that the reader is a network administrator or a person otherwise familiar with networking
and general computer terminology. It is further assumed that the Exchange 2013 environment has been
set up and the KEMP LoadMaster has been installed.

LoadMaster documentation is available at http://www.kemptechnologies.com/documentation.

At a minimum, you should have:

l Installed the Microsoft Servers, Active Directories and followed other Microsoft requirements

l Installed the LoadMaster on the same network as the servers.

l Established access to the LoadMaster Web User Interface (WUI)

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 5


MS Exchange 2013
2 Exchange 2013 Overview

2 Exchange 2013 Overview


Microsoft Exchange Server is a mail server, calendaring software and contact manager. It is a server
program that runs on Windows Server and is part of the Microsoft Servers line of products. The
improvements made in Exchange 2013 have made it easier to load balance Exchange-related traffic.

Exchange 2013 includes the following solutions for switchover and failover redundancy:

High availability: Exchange 2013 uses Database Availability Groups (DAGs) to keep multiple copies of
your mailboxes on different servers synchronized. That way, if a mailbox database fails on one
server, users can connect to a synchronized copy of the database on another server.

Site resilience: You can deploy two Active Directory sites in separate geographic locations, keep the
mailbox data synchronized between the two, and have one of the sites take on the entire load if the
other fails.

Online mailbox moves: During an online mailbox move, email accounts are still accessible. Users are
only locked out for a brief period of time at the end of the process, when the final synchronization
occurs. Online mailbox moves can be performed across forests or in the same forest.

Shadow redundancy: Shadow redundancy protects the availability and recoverability of messages
while they are in transit. With shadow redundancy, the deletion of a message from the transport
databases is delayed until the transport server verifies that all the next hops for that message have
completed. If any of the next hops fail before reporting successful delivery, the message is
resubmitted for delivery to the hop that did not complete.

2.1 Differences Between Exchange 2010 and Exchange 2013


One of the biggest changes in Exchange 2013 is that the number of server roles has reduced to just two.
In older versions of Exchange there were a number of server roles for Hub Transport, Unified Messaging,
Mailbox and Client Access. In Exchange 2013 there are just two server roles:

l The Mailbox Server which includes all of the functions to route mail, render web content and receive
voicemail

l The CAS which authenticates clients and routes requests to the correct mailbox server

The CAS now acts as a reverse proxy. The CAS no longer renders OWA when a user accesses it. The CAS
determines which mailbox database their mailbox is located on and provides the request to the back-end
mailbox server that hosts the database. The mailbox server then renders the OWA content, not the CAS.

Clients no longer interact with Exchange using RPC, it is all done over HTTPS. Outlook Anywhere is the
protocol that Outlook clients use to access their mailbox.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 6


MS Exchange 2013
2 Exchange 2013 Overview

Exchange 2013 Service Pack 1 introduces new connectivity option MAPI/HTTP which is disabled by
default. It must be manually enabled by administrator and is only available as a connectivity option to
clients running Office 2013 Service Pack 1 or later. Older clients continue using RPC/HTTP.

Outlook 2003 is not supported with Exchange 2013.

Unlike previous versions of Exchange, Exchange 2013 no longer requires session affinity at the load
balancing layer. For more information, refer to the related article in The Exchange Team Blog: Load
Balancing in Exchange 2013.

2.2 Understanding Server Load Balancing


Server load balancing is a way to manage which servers receive traffic. Server load balancing provides
failover redundancy to ensure users continue to receive service in case of failure. It also enables your
deployment to handle more traffic than one server can process while offering a single host name for
clients.

Server load balancing serves two primary purposes. It reduces the impact of a single CAS failure within
one Active Directory site. In addition, server load balancing ensures that the load on the CAS and
Transport servers is optimally distributed.

Two key changes in Exchange 2013 make load balancing a lot simpler:

l HTTPS-only access from clients means that there is only one protocol to consider. The HTTP failure
states are well known and clients typically respond in a similar way.

l As OWA is rendered on the same server that is hosting the user’s mailbox database; if a client hits a
different CAS there is no performance degradation as the session rendering for that user is already
up and running.

Forms-based authentication has also been improved. The authentication cookie is provided to the user
after logon and it is encrypted using the CAS’s SSL certificate. This allows a logged in user to resume their
session on a different CAS without having to re-authenticate (if servers share the same SSL certificate).

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 7


MS Exchange 2013
2 Exchange 2013 Overview

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 8


MS Exchange 2013
3 Virtual Service Templates

3 Virtual Service Templates


KEMP have developed templates containing our recommended settings for Exchange 2013. These
templates can be installed on the LoadMaster and can be used when creating each of the Virtual
Services. Using a template automatically populates the settings in the Virtual Services. This is quicker and
easier than manually configuring each Virtual Service. If needed, you can make changes to any of the
Virtual Service settings after using the templates.

Released templates can be downloaded from the KEMP documentation page:


http://www.kemptechnologies.com/documentation/.

For more information and steps on how to import and use templates, refer to the Virtual Services and
Templates, Feature Description.

For steps on how to manually add and configure the Virtual Services, refer to the sections below.

The Microsoft Exchange 2013 templates currently available are grouped in three downloadable files as
follows:

l Exchange2013Core

This file contains templates for non-SSL offloaded HTTPS, SSL offloaded HTTPS and SMTP Virtual
Services.

This is the primary set of services needed to balance Exchange 2013.

l Exchange2013ESP

This set contains individual templates for a HTTPS service with SSL offloading and an SMTP
service, both with ESP enabled.

These services are only necessary if you want to use ESP functionality.

l Exchange2013Additional

This set contains templates for IMAP, POP and SMTP services, including variants for STARTTLS
and SSL secured services.

If you create another Virtual Service using the same template, ensure to
change the Service Name to a unique name.

When using SNMP monitoring of ESP-enabled Virtual Services that were


created using a template, ensure to monitor each SubVS directly rather
than relying on the master service. This is because the Authentication
Proxy sub-service will always be marked as up and, as a consequence,
so will the master service.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 9


MS Exchange 2013
3 Virtual Service Templates

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 10


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

4 Configuring Virtual Services for Exchange 2013


The sections below give instructions on how to configure the various Virtual Services related to Microsoft
Exchange. The settings in this document are recommended by KEMP. They may not be applicable to
your specific configuration. For further information and help, please contact our Support team.

If using Exchange 2013 (not SP1), ensure to enable SSL re-encryption.


Also, if using Exchange 2013 (not SP1), MAPI is not used and can be
removed.

4.1 HTTPS Virtual Service


Follow the instructions below to set up a HTTPS Virtual Service:

1. Select the Add New option within the Virtual Services section of the main menu tree.

2. Enter the IP address of the Virtual Service in the Virtual Address field.

3. Enter 443 in the Port field.

4. Type a name, for example Exchange 2013 HTTPS in the Service Name field.

5. Select tcp in the Protocol drop-down list.

6. Click the Add this Virtual Service button to add the Virtual Service.

7. Configure the settings as shown in the following table:

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 11


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

Section Option Value Comment

Basic Properties Service Type HTTP/HTTPS


Standard Options Force L4 Disabled *
Transparency Disabled
Persistence Mode None
Scheduling Method Round Robin
Click Set Idle
Idle Connection Timeout 1800
Timeout.
SSL Properties SSL Acceleration Disabled
Click Add HTTP
Redirector. This
creates a new
Advanced Options Redirection URL https://%h%s redirect Virtual
Service on port 80
with the same IP
address.
ESP Options Enable ESP Disabled
Real Servers Real Server Check Method HTTPS Protocol
Click Set Check
Checked Port 443
Port.
URL /owa/healthcheck.htm Click Set URL.
Use HTTP/1.1 Disabled
HTTP Method GET

*When L7 is referred to in KEMP documentation it is in relation to the


actual TCP connection. When Microsoft refer to L7 for Exchange it is in
relation to SSL decryption and re-encryption. This is different and what
KEMP recommends is not necessarily L7 configuration unless SSL
acceleration is enabled.

To add content rules to the VS, follow the steps in the Create Content Rules section.

Minor changes now need to be made to the redirect Virtual Service that was added:

1. Click View/Modify Services in the main menu.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 12


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

2. Click Modify on the Redirect Virtual Service with the blank name which has the same IP
address as the Virtual Service that was just created.

3. Enter a recognizable Service Name, for example Exchange 2013 HTTP Redirect and click Set
Nickname.

4. In Standard Options, set the Persistence Mode to None.

4.1.1 HTTPS using SubVSs


Follow the instructions below to set up a HTTPS Virtual Service with SubVSs.

4.1.1.1 Create the Parent Virtual Service

Follow the instructions below to set up the parent HTTPS Virtual Service:

1. Select the Add New option within the Virtual Services section of the main menu tree.

2. Enter the IP address of the Virtual Service in the Virtual Address field.

3. Enter 443 in the Port field.

4. Type a name, for example Exchange 2013 HTTPS in the Service Name field.

5. Select tcp in the Protocol drop-down list.

6. Click the Add this Virtual Service button to add the Virtual Service.

7. Configure the settings as shown in the following table:

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 13


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

Section Option Value Comment

Basic Properties Service Type HTTP/HTTPS


Standard Options Force L4 Disabled
Transparency Disabled
Persistence Mode None
Scheduling Method Round Robin
Click Set Idle
Idle Connection Timeout 1800
Timeout.
SSL Properties SSL Acceleration Enabled
Reencrypt Enabled
Click Add HTTP
Redirector. This
creates a new
Advanced Properties Redirection URL https://%h%s redirect Virtual
Service on port 80
with the same IP
address.
ESP Options Enable ESP Disabled

4.1.1.2 Create the SubVSs

Follow the instructions below to set up the SubVSs:

1. In the Real Servers section of the Virtual Services options page, click the Add SubVS button.

2. A message stating that the SubVS has been created appears, click OK.

The Real Servers section should now be renamed to SubVSs.

The following steps deal with creating a SubVS for an Exchange service
such as owa.

3. In the SubVSs section of the SubVS options page, click the Modify button next to the SubVS
and select the following options:

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 14


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

a) In the SubVS Name field enter a relevant name such as owa

b) In the SubVS Type field select the HTTP/HTTPS option

4. Within the ESP Options section, ensure that the Enable ESP check box is not selected.

5. In the Real Servers section of the SubVS options page select the following options:

a) Enter /owa/healthcheck.htm in the URL field and click the Set URL button.

b) Ensure the Use HTTP/1.1 checkbox is deselected

c) Ensure that the GET option is selected from the HTTP Method drop-down list.

6. When finished editing the SubVS, click Back. Now you can add other SubVSs to this Virtual
Service as needed.

7. Configure each SubVS using the settings in the table below.

SubVS Name Healthcheck URL Allowed Virtual Directories

OWA (as in steps


/owa/healthcheck.htm /owa*
above)
Autodiscover /autodiscover/healthcheck.htm /autodiscover*

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 15


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

SubVS Name Healthcheck URL Allowed Virtual Directories

ECP /ecp/healthcheck.htm /ecp*


EWS /ews/healthcheck.htm /ews*
/microsoft-server- /microsoft-server-
ActiveSync
activesync/healthcheck.htm activesync*
OAB /oab/healthcheck.htm /oab*
Powershell /powershell/healthcheck.htm /powershell*
RPC /rpc/healthcheck.htm /rpc*
MAPI /mapi/healthcheck.htm /mapi*
Authentication Proxy

If you are using Kerberos Constrained Delegation (KCD) please ensure


you add a Real Server to the Authentication Proxy SubVS. For further
information on KCD, refer to the KCD, Feature Description

4.1.1.3 Create Content Rules

Content Rules need to be created for the Virtual Services to function correctly.

To create a Modify URL rule for owa please complete the following steps:

1. Select the Rules & Checking > Content Rules menu option

2. Click the Create New button

3. Enter a relevant name, for example Redirect_Root in the Rule Name field

4. Select the Modify URL option in the Rule Type drop-down

5. Enter /^\/$/ in the Match String field

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 16


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

6. Enter /owa in the Modified URL field

7. Click the Create Rule button

To create a Content Matching rule for owa please complete the following steps:

1. Select the Rules & Checking > Content Rules menu option.

2. Click the Create New button.

3. Enter a relevant name, for example OWA in the Rule Name field.

4. Select the Content Matching option is selected in the Rule Type drop-down list.

5. Ensure the Regular Expression option is selected in the Match Type drop-down list.

6. Enter /^\/owa.*/ in the Match String field.

7. Select the Ignore Case checkbox.

8. Click the Create Rule button.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 17


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

Create additional Content Matching rules following steps 1 to 8 above but using the values as described
in the table below.

Rule Name Match String Ignore Case

ActiveSync /^\/microsoft-server-activesync.*/ yes


Autodiscover /^\/autodiscover.*/ yes
ECP /^\/ecp.*/ yes
EWS /^\/ews.*/ yes
OAB /^\/oab.*/ yes
PowerShell /^\/powershell.*/ yes
RPC /^\/rpc.*/ yes
Root /^\/$/ No
MAPI /^\/mapi.*/ yes
Authentication Proxy /^\/lm_auth_proxy*$/ yes

4.1.2 HTTPS Offloading Using SubVSs


To set up HTTPS Offloading Using SubVSs, follow the steps below:

1. Select the Add New option within the Virtual Services section of the main menu tree.

2. Enter a valid IP address in the Virtual Address text box.

3. Enter 443 as the Port.

4. Enter a recognizable Service Name, for example Exchange 2013 HTTPS Offloaded.

5. Click Add this Virtual Service.

6. Configure the settings as shown in the following table:

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 18


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

Section Option Value Comment

SSL Properties SSL Acceleration Enabled


Reencrypt Enabled Optional
Click Set Idle
Standard Options Idle Connection Timeout 1800
Timeout.
Modify URL: Redirect_
Advanced Properties Show Header Rules Click Add.*
Root
Add HTTP Headers X-Forwarded-For
Click Add HTTP
Redirector. This
creates a new
Redirection URL https://%h%s redirect Virtual
Service on port 80
with the same IP
address.
ESP Options Enable ESP Disabled
Real Servers URL /owa/healthcheck.htm Click Set URL.
Use HTTP/1.1 Disabled
HTTP Method GET

*If the Redirect Root content rule does not exist yet, refer to the Create Content Rules section to create
it.

7. In the Real Servers section, click the Add SubVS button.

8. A message stating that the SubVS has been created appears, click OK.

The Real Servers section should now be renamed to SubVSs.

The following steps deal with creating a SubVS for an Exchange service
such as owa.

9. In the SubVSs section of the SubVS options page, click the Modify button next to the SubVS
and select the following options:

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 19


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

a) In the SubVS Name field enter a relevant name such as owa

b) In the SubVS Type field select the HTTP/HTTPS option

10. When finished editing the SubVS, click Back. Now you can add other SubVSs to this Virtual
Service as needed.

11. Configure each SubVS using the settings in the table below.

SubVS Name Healthcheck URL

OWA (as in steps above) /owa/healthcheck.htm


Autodiscover /autodiscover/healthcheck.htm
ECP /ecp/healthcheck.htm
EWS /ews/healthcheck.htm
ActiveSync /microsoft-server-activesync/healthcheck.htm
OAB /oab/healthcheck.htm
Powershell /powershell/healthcheck.htm
RPC /rpc/healthcheck.htm
MAPI /mapi/healthcheck.htm

4.1.3 HTTPS Offloading Using ESP and SubVSs


To set up HTTPS Offloading Using ESP, follow the steps below:

1. Select the Add New option within the Virtual Services section of the main menu tree.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 20


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

2. Enter a valid IP address in the Virtual Address text box.

3. Enter 443 as the Port.

4. Enter a Service Name, for example Exchange 2013 HTTPS Offloading with ESP.

5. Click Add this Virtual Service.

6. Configure the settings as shown in the following table:

Section Option Value Comment

SSL Properties SSL Acceleration Enabled


Reencrypt Enabled Optional
Click Set Idle
Standard Options Idle Connection Timeout 1800
Timeout.
Modify URL:
Advanced Properties Show Header Rules Click Add.*
Redirect_Root
Add HTTP Headers X-Forwarded-For
Click Add HTTP
Redirector. This
creates a new
Redirection URL https://%h%s redirect Virtual
Service on port 80
with the same IP
address.

*If the Redirect Root content rule does not exist yet, refer to the Create Content Rules section to create
it.

7. Now you need to add the SubVSs. To do this, expand the Real Servers section and click Add
SubVS. Then click the Modify button to configure it.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 21


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

Details for each of the SubVSs that need to be created are below.

8. For each of the SubVSs created, ensure that in the ESP section, the Enable ESP checkbox is
selected, and select the following options:

a) Select the User Access, Security and Connection check boxes in ESP Logging.

b) Select the relevant SSO Domain.

For instructions on how to add an SSO domain, refer to the ESP,


Feature Description.

c) Enter all of the allowed virtual hosts into the Allowed Virtual Hosts text box, for
example mail.example.com, and click the Set Allowed Virtual Hosts button.

d) Configure each SubVS using the settings in the table below.

Client
Allowed Virtual Pre-Authorization Excluded SSO Image SSO Greeting
SubVS Name Auth. Server Auth. mode
Directories Directories Set Message
mode

Autodiscover /autodiscover* None None n/a

Please enter
Form your
ECP /ecp* .Form based Exchange
Based Exchange
credentials.

EWS /ews* None None n/a

/microsoft-server- Basic
ActiveSync Basic Auth. n/a
activesync* Auth.

OAB /oab* None None n/a

Powershell /powershell* None None n/a

RPC /rpc* None None n/a

Please enter
Form your
OWA /owa* /owa/<guid@smtpdomain>*1 Form based Exchange
Based Exchange
credentials.

MAPI /mapi* None None n/a

Please enter
Authentication Form your
/* Form based Exchange
Proxy Based Exchange
credentials.

If you are using Kerberos Constrained Delegation (KCD) please ensure

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 22


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

you add a Real Server to the Authentication Proxy SubVS. For further
information on KCD, refer to the KCD, Feature Description

1 GUID is unique to each Exchange deployment. To find the correct


GUID, run the following command on the Exchange Server:

Get-Mailbox -Arbitration | where {$_.PersistedCapabilities -like


“OrganizationCapabilityClientExtensions”} | fl exchangeGUID,
primarysmtpaddress

The Logoff String must be set to /owa/logoff.owa in the OWA SubVS.


In a customized environment, if the OWA logoff string has been
changed, the modified logoff string must be entered in the Logoff String
text box.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 23


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

The SSO Greeting Message field accepts HTML code, so you can insert
your own image if required. However, there are several characters that
are not supported. These are the grave accent character ( ` ) and the
single quotes (’). If a grave accent character is used in the SSO Greeting
Message, the character will not display in the output, for example a`b`c
becomes abc. If a single quote is used, users will not be able to log in.

9. For each of the SubVSs created, configure the settings as shown in the following table:

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 24


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

Section Option Value Comment

Real Servers Checked Port 443 Click Set Check Port.


Use HTTP/1.1 Disabled
HTTP Method GET
Refer to the table in
the Create the
Enter the relevant
URL SubVSs section for
health check URL.
the health check
URLs.

10. After the SubVSs have been created, in the parent Virtual Service; enable Content Switching
by clicking the Enable button in the Advanced Properties section.

4.2 IMAP Virtual Service


Follow the instructions below to set up an IMAP Virtual Service:

1. Select the Add New option within the Virtual Services section of the main menu tree.

2. Enter the IP address of the Virtual Service in the Virtual Address field.

3. Enter 143 in the Port field.

4. Type a name, for example Exchange 2013 IMAP in the Service Name field.

5. Select tcp in the Protocol drop-down list.

6. Click the Add this Virtual Service button to add the Virtual Service.

7. Configure the settings as shown in the following table:

Section Option Value Comment

Basic Properties Service Type Generic


Standard Options Force L4 Disabled
Transparency Disabled
Server Initiating Protocols IMAP4
Persistence Mode None
Scheduling Method round robin

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 25


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

Section Option Value Comment

Click Set Idle


Idle Connection Timeout 3600
Timeout.
SSL Properties SSL Acceleration Disabled
Mailbox (IMAP)
Real Servers Real Server Check Parameters
Protocol
Checked Port 143 Click Set Check Port.

4.2.1 IMAP STARTTLS Virtual Service


To configure the IMAP STARTTLS VS, follow the steps below:

1. Select the Add New option within the Virtual Services section of the main menu tree.

2. Enter a Virtual Address.

3. Enter 143 as the Port.

4. Enter a recognizable Service Name, for example Exchange 2013 IMAP with STARTTLS.

5. Configure the settings as shown in the following table:

Section Option Value Comment

Basic Properties Service Type STARTTLS protocols


Standard Options Transparency Disabled
STARTTLS mode IMAP
Click Set Idle
Idle Connection Timeout 3600
Timeout.
Real Servers Checked Port 143 Click Set Check Port.

4.2.2 IMAPS Virtual Service


To configure the IMAPS VS, follow the steps below:

1. Select the Add New option within the Virtual Services section of the main menu tree.

2. Enter the IP address in the Virtual Address text box.

3. Enter 993 in the Port field.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 26


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

4. Enter a recognizable Service Name, for example Exchange 2013 IMAPS.

5. Click Add this Virtual Service.

6. Configure the settings as shown in the following table:

Section Option Value Comment

Standard Options Transparency Disabled


Server Initiating Protocols IMAP4
Click Set Idle
Idle Connection Timeout 3600
Timeout.
Real Servers Real Server Check Method TCP Connection Only
Checked Port 993 Click Set Check Port.

4.2.3 IMAPS Offloaded Virtual Service


To configure the IMAPS Offloaded, follow the steps below:

1. Select the Add New option within the Virtual Services section of the main menu tree.

2. Enter the IP address of the Virtual Service in the Virtual Address field.

3. Enter 993 in the Port field.

4. Enter a recognizable Service Name, for example Exchange 2013 IMAPS Offloaded.

5. Configure the settings as shown in the following table:

Section Option Value Comment

SSL Properties SSL Acceleration Enabled


Standard Options Transparency Disabled
Server Initiating Protocols IMAP4
Click Set Idle
Idle Connection Timeout 3600
Timeout.
Mailbox (IMAP)
Real Servers Real Server Check Method
Protocol
Checked Port 143 Click Set Check Port.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 27


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

4.3 POP Virtual Service


Follow the instructions below to set up a POP Virtual Service:

1. Select the Add New option within the Virtual Services section of the main menu tree.

2. Enter the IP address of the Virtual Service in the Virtual Address field.

3. Enter 110 in the Port field.

4. Type a name, for example Exchange 2013 POP in the Service Name field.

5. Select tcp in the Protocol drop-down list.

6. Click the Add this Virtual Service button to add the Virtual Service.

7. Configure the settings as shown in the following table:

Section Option Value Comment

Basic Properties Service Type Generic


Standard Options Force L4 Disabled
Transparency Disabled
Server Initiating Protocols POP3
Persistence Options None
Scheduling Method round robin
Click Set Idle
Idle Connection Timeout 3600
Timeout.
SSL Properties SSL Acceleration Enabled
Mailbox (POP3)
Real Servers Real Server Check Method
Protocol
Checked Port 110 Click Set Check Port.

4.3.1 POP with STARTTLS Virtual Service


To configure a POP Virtual Service with STARTTLS, follow the steps below:

1. Select the Add New option within the Virtual Services section of the main menu tree.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 28


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

2. Enter a valid IP address in the Virtual Address text box.

3. Enter 110 as the Port.

4. Enter a recognizable Service Name, for example Exchange 2013 POP with STARTTLS.

5. Click Add this Virtual Service.

6. Configure the settings as shown in the following table:

Section Option Value Comment

Basic Properties Service Type STARTTLS


Standard Options Transparency Disabled
Click Set Idle
Idle Connection Timeout 3600
Timeout.
Real Servers Checked Port 110 Click Set Check Port.

4.3.2 POPS Virtual Service


To configure a POPS VS, follow the steps below:

1. Select the Add New option within the Virtual Services section of the main menu tree.

2. Enter a valid IP address in the Virtual Address text box.

3. Enter 995 in the Port field.

4. Enter a recognizable Service Name, for example Exchange 2013 POPS.

5. Configure the settings as shown in the following table:

Section Option Value Comment

Standard Options Transparency Disabled


Server Initiating Protocols POP3
Click Set Idle
Idle Connection Timeout 3600
Timeout.
Real Servers Checked Port 995 Click Set Check Port.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 29


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

4.3.3 POPS Offloaded Virtual Service


To configure a POPS Offloaded Virtual Service, follow the steps below:

1. Select the Add New option within the Virtual Services section of the main menu tree.

2. Enter a valid IP address in the Virtual Address text box.

3. Enter 995 in the Port field.

4. Enter a recognizable Service Name, for example Exchange 2013 POPS Offloaded.

5. Click Add this Virtual Service.

6. Configure the settings as shown in the following table:

Section Option Value Comment

SSL Properties SSL Acceleration Enabled


Standard Options Transparency Disabled
Server Initiating Protocols POP3
Click Set Idle
Idle Connection Timeout 3600
Timeout.
Mailbox (POP3)
Real Servers Real Server Check Parameters
Protocol
Checked Port 110 Click Set Check Port.

4.4 SMTP Virtual Service


Follow the instructions below to set up an SMTP Virtual Service:

1. Select the Add New option within the Virtual Services section of the main menu tree.

2. Enter the IP address of the Virtual Service in the Virtual Address field.

3. Enter 25 in the Port field.

4. Type a name, for example Exchange 2013 SMTP in the Service Name field.

5. Select tcp in the Protocol drop-down list.

6. Click the Add this Virtual Service button to add the Virtual Service.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 30


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

7. Configure the settings as shown in the following table:

Section Option Value Comment

Basic Properties Service Type Generic


Standard Options Force L4 Disabled
Transparency Disabled
Server Initiating Protocols SMTP
Persistence Mode Source IP Address
Idle Connection Timeout
1 Hour
(Default 660)
Scheduling Method round robin
Click Set Idle
Idle Connection Timeout 120
Timeout.
SSL Properties SSL Acceleration Disabled
ESP Options Enable ESP Disabled
Mailbox (SMTP)
Real Servers Real Server Check Parameters
Protocol
Checked Port 25 Click Set Check Port.

4.4.1 SMTPS Virtual Service


To configure an SMTPS Virtual Service, follow the steps below:

1. In the main menu of the LoadMaster WUI, select Virtual Services and Add New.

2. Enter a valid IP address in the Virtual Address text box.

3. Enter 587 as the Port.

4. Enter a recognizable Service Name, for example Exchange 2013 SMTPS.

5. Click Add this Virtual Service.

6. Configure the settings as shown in the following table:

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 31


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

Section Option Value Comment

Standard Options Transparency Disabled


Server Initiating Protocols SMTP
Persistence Mode Source IP Address
Idle Connection Timeout
1 Hour
(Default 660)
Click Set Idle
Idle Connection Timeout 120
Timeout.
Real Servers Checked Port 587 Click Set Check Port.

4.4.2 SMTP with STARTTLS Virtual Service


To configure a SMTP Virtual Service with STARTTLS, follow the steps below:

1. In the main menu of the LoadMaster WUI, select Virtual Services and Add New.

2. Enter a valid IP address in the Virtual Address text box.

3. Enter 25 as the Port.

4. Enter a recognizable Service Name, for example Exchange 2013 SMTP with STARTTLS.

5. Click Add this Virtual Service.

6. Configure the settings as shown in the following table:

Section Option Value Comment

Basic Properties Service Type STARTTLS


Standard Options Transparency Disabled
SMTP (STARTTLS if
STARTTLS mode
requested)
Persistence Mode Source IP Address
Idle Connection Timeout
1 Hour
(Default 660)
Click Set Idle
Idle Connection Timeout 120
Timeout.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 32


MS Exchange 2013
4 Configuring Virtual Services for Exchange 2013

Section Option Value Comment

Real Servers Checked Port 25 Click Set Check Port.

4.4.3 SMTP with ESP Virtual Service


To configure a SMTP VS with ESP, follow the steps below:

1. In the main menu of the LoadMaster WUI, select Virtual Services and Add New.

2. Enter a valid IP address in the Virtual Address text box.

3. Enter 25 as the Port.

4. Enter a recognizable Service Name, for example Exchange 2013 SMTP with ESP.

5. Click Add this Virtual Service.

6. Configure the settings as shown in the following table:

Section Option Value Comment

ESP Options Enable ESP Enabled


Connection Logging Enabled
Enter all permitted
domains that are
Click Set Permitted
Permitted Domains allowed to be
Domains.
received by this
service.
Standard Options Transparency Disabled
Server Initiating Protocols SMTP
Persistence Mode Source IP Address
Persistence Timeout 1 Hour
Click Set Idle
Idle Connection Timeout 120
Timeout.
Real Servers Checked Port 25 Click Set Check Port.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 33


MS Exchange 2013
References

References
Unless otherwise specified, the documents below can be found at
http://kemptechnologies.com/documentation

Web User Interface (WUI), Configuration Guide

Virtual Services and Templates, Feature Description

ESP, Feature Description

Microsoft Exchange 2010, Deployment Guide

Exchange Team Blog post on Load Balancing in Exchange 2013

http://blogs.technet.com/b/exchange/archive/2014/03/05/load-balancing-in-exchange-2013.aspx

KCD, Feature Description

View or configure Outlook Web App virtual directories

https://technet.microsoft.com/en-us/library/dd298140(v=exchg.150).aspx

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 34


MS Exchange 2013
Last Updated Date

Last Updated Date


This document was last updated on 11 January 2018.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 35

You might also like