Need some expert advice F5 - 401 access denied - Exchange 2010
I need some help and am hoping someone can give me some direction.
We have an application running on a Windows server (Server A) that needs to synch information to an end user's calendar in Exchange 2010 via Autodiscover and EWS. The Exchange, F5, and "Server A" are all on the same subnet. We use an Active Directory account with elevated permissions on "Server A" with the impersonation role in Exchange to synch data to the end user mailboxes. We can get this to work to two other Exchange sites but not to our main Exchange site. The difference with the site that is not working is that it (2 mailbox servers/2 CAS servers in a DAG) sits behind an F5 HLB. The F5 is running 11.4.1 hotfix 5 and we have a single VIP with source-ip persistence that all Exchange traffic is being passed through. No SSL offloading is being done on the HLB.
Outlook clients work fine (no issues there) but I cannot synch any calendar information from the application on Server A to the end user mailboxes if I am passing through the F5 HLB. I see a 401 access denied error in the logs. I know the AD account being used is correct and that the password is correct because I can get the application to synch to mailboxes on other Exchange sites (single servers with all Exchange roles installed - no F5). The only way I have been able to get the application to synch is having our Exchange admin change the internal URL (for Autodiscover and EWS virtual directories) on the Exchange CAS server from the VIP URL to the FQDN of the CAS server. Obviously this is not what we want to do because it defeats the purpose of having load balancing and failover capability.