The Journey of a Network Engineer

Aug 17 2011   5:59AM GMT

How to Configure Citrix NetScaler for Hosted Microsoft Exchange 2010? Part-3

Posted by: Sulaiman Syed
Load Balancer
SSL Offload

In previous Entry I have shown how to import certificates, and do the re-write policy. Well, in this entry. I would like to add the the virtual Servers for OWA, then i would show the required settings to add the other applications (IMAP4, RPC, POP3, and OA).

As for the Load Balancing Method, Microsoft has its own recommendation, I would suggest to go with “Least Connection”, “Round Robin” is really not a good way, since one server can be loaded unequally by longer connection session. Persistence for OWP is Cookieinsert,  while AS, OA is Source IP. Since our CAS is handling all the three applications, we used cookieInsert for all. Some users, mentioned issues with cookieinsert, and used Source IP. We would like to do our own testing before deciding with Persistence method to choose.

We start by creating virtual Server for OWA. Before adding anything, first we need to add the real servers. This will ease the process when we want to associate the service (ports) with the real servers.  In the image below, click on add. Then just follow the procedure shown.

Server Menu

Figure 1: Servers Menu

Server Add

Figure 2 : Adding Real Server

Once we have added the servers, it is best to add all the required servers running the various applications. It can be seen from above that we have added 3 CAS, 3 HUB servers. Since Citrix NetScaler is being used to load balance CAS and HUB only.

Now, Adding the service is next step. as seen in First Entry, we would like to create the services of the real server. Since we are creating OWA, HTTP with port 80 is the real service. click on Add as shown in the services Menu.

Service Menu

Figure 3 : Service Menu

Service Add

Figure 4 : Adding Service

to Add the service, Write the name of your choice. Pick the real Server, Protocol, and Port number. Please note that you would need to do this for all the OWA application servers. In our case we have done 3 of them. Figure 3 shows that we created services for OWA, POP3, IMAP4 and RPC. Since, the RPC uses random port numbers. Use the following settings, Service name (add the name), Server (add real server), Protocol pick TCP, and port pick *.

Now, lets create the Virtual Server. Since we are going to offload SSL from real servers. The Virtual Server will run on port 443, with SSL certificate added and persistence enabled. Please click on Add at the Virtual Servers menu as shown below.

Virtual Servers

Figure 5 : Virtual Servers Menu

Virtual Server Add

Figure 6 : Adding Virtual Server

In figure 6, we are adding the virtual server by Naming it, Giving it Virtual IP address, Selecting Protocol SSL, and port number 443. We have selected the Services that we want to associate this Virtual IP with. Figure 7 shows that we have picked the Method of load balancing as Least Connection, while Persistence mode is cookiesinsert.
Persistence Method in Virtual Server

Figure 7 : Configuring Method for Virtual Server

Virtual Server Certificate Add

Figure 8 : Adding SSL Certificate to Virtual Server

Figure 8 shows that we have added the certificate we created earlier here. With this, configuration of the Load Balancer is done. Although there is one small detail that should be looked at. Since NetScaler will Send traffic from SSL to HTTP (from 443 to 80). The CAS server will reply with port 80 (HTTP). We would like to configure NetScaler to Intercept this traffic. So we create a virtual server for protocol HTTP, port 80, and we don’t associate any service with it. Figure 9 shows the configuration for the Return-OWA traffic.
OWA Return Vserver

Figure 9 : Virtual Server to Intercept Return Traffic

Figure 5 shows all the virtual servers that we have created for various applications running in the hosted Microsoft Exchange Server 2010. With this, we have finalized the configuration of NetScaler for the CAS. In our next Entry, i would Configure the Load Balancer for HUB.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: