Jump to content
Welcome to our new Citrix community!

Exchange Hybrid Configuration


Recommended Posts

Hi there,

 

Anyone successfully using Netscaler to handle Exchange Online traffic (SMTP and Mailbox Replication)?  Microsoft requirements is that the traffic must hit the on-premise Exchange servers without any SSL inspection by a 3rd party firewall/load balancer.

 

I've tried several configuration in the Netscaler (SSL Bridge and TCP) but without any luck.


Cannot find a hard answer from Citrix if Netscaler supports this traffic at all.

 

If anyone has any details/documentations/configurations, please let me know :)

 

Thanks in advance,

 

Justin

Link to comment
Share on other sites

My organization is doing this with the Netscalers without any issue. We use content switching virtual servers (type = SSL) and proxy requests to various backend exchange servers.

 

We don't have anything special configured to make it work...are you facing specific issues?

Link to comment
Share on other sites

12 hours ago, Ross Bender said:

My organization is doing this with the Netscalers without any issue. We use content switching virtual servers (type = SSL) and proxy requests to various backend exchange servers.

 

We don't have anything special configured to make it work...are you facing specific issues?

 

Hi Ross,

 

Thanks so much for your response :)

 

I was under the impression that traffic such as the MRS Proxy required no SSL inspection before accessing the backed Exchange Servers?  If you are using type SSL, can I assume that inspection is in fact occurring?  Are you able to provide me with an example of a policy where you are able to filter through the MRS traffic?

 

Thanks again for your help :)

 

Kind Regards,

 

Justin

Link to comment
Share on other sites

11 hours ago, James Kindon said:

For hybrid connectivity I have always bypassed ADC and had the connectivity go direct - every time something gets in the middle its resulted in pain

Hi James,

 

Thank you for responding - there is not much information out there regarding this type of connectivity, yet I can only imagine there must be many environments out there that are using Netscalers for load balancing and having Exchange hybrid in place.

 

I'm more leaning now to your response of just bypassing the Netscaler all together.  Hard to believe that this is unlikely to be supported - cannot get any firm details from Citrix at all regarding this matter.

 

Kind Regards,

 

Justin

Link to comment
Share on other sites

We had problems using the NetScaler in our Exchange Hybrid environment using protocol types SSL and SSL_BRIDGE, so we bypassed the NetScalers and went straight to Exchange servers.  A couple years later I was troubleshooting possible Internet firewall problems and used a NetScaler Load-Balancing vServer (type SSL) for fun and it worked.  We are still using that setup today for our occasional mailbox migrations and not for any other Hybrid traffic.  We're running version 12.1 55.18 on a 15030 HA pair that's not really taxed day-to-day if it matters.

Link to comment
Share on other sites

  • 2 weeks later...
  • 1 year later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...