Notes through Juniper

hcl-bot · February 22, 2008, 9:10am

What would be the correct setup on the notes side and the juniper side to have complete delivery trace route out of our DNN.Right now it works fine inside our omain but when sent to the internet there is no return at all.

hcl-bot · February 24, 2008, 3:41pm

Subject: Notes through Juniper

We are trying to configure the Juniper DX device so that user’s can access their mail through the internet. Here is our iNotes setup:

Domino Hubservers - two clustered between datacenters
8 mail servers clustered between datacenters (total server count = 16)
DWA on the hub server with redirect db set to “Mailserver”
Custom login form set to utilize form for login that is in the DWA db
Web Site - lists all of the IP address for the mail servers also identifies the LTPA token associated with the Web SSO below
Web SSO that identifies the domino server in SSO.

On our Intranet this works great, however, fromt he internet I am having configuration problems as follows:

URL.mycompany.com points to the Juniper DX accelerator.
Juniper has a cluster for the URL called: ???.mycompany.com which points to the hub server’s IP address. The Juniper device can see all of the servers on the private network, but only one defined as we want user’s to log into the hub cluster and then get routed to the correct mail server.
Hub server presents login, and begins to redirect user’s. However, the server name is returned in the URL and no mail

I did put a rule on the Juniper as follows and was able to get to my mail, but in putting other rules for each server yeald no results:

“content contains “Servername.???.???.com” then replace content term “URL.mycompany.com” and continue”

This worked as I stated for the servername that was identified, when I added addtional servers only the first rule would be recognized.

The folks as Juniper networks are lost and I’m amazed that no one at IBM can help with this either as their marketing material all state “THIS WORKS GREAT”.

so if you have any way to move on this I would appreciate it.

hcl-bot · April 22, 2008, 2:22am

Subject: RE: Notes through Juniper

Hi, did you manage to get this sorted? We have a working DWA 7.0.2 (which was also working under DWA 6.5.1) via Juniper DX. Slightly different since ours is via Web → Juniper → Tivoli Identity Manager and Edge reverse proxy → DWA servers.

We set the base URL to the Hub server in your scenario and configured the hub server default url to the webaccessredirect.nsf built from dwaredir.ntf (i think thats the ntf name).

Some things to try…

Enable Debug in your Redirect Database to see if the DWA login is resolving to the correct mail server & mail file at logon via the Juniper.
Enable domlog.nsf in the server doc - check for the incoming IP address, Juniper may be reverse proxying and the Juniper IP may be required in the Domino Site SSO doc.
Make sure all of the mail servers are allowed in the Juniper Resource definition.
Have a look at the AutoLogin form in the dwa redirect database. Find the html field which contains all of the redirect code. Its a bit messy to look at but quite simple to follow once you have a good look at it.

This form contains all of the code which queries the PNAB for your mail server and mail file, then builds the URL for the redirect. I ended up modifiying this so our URL is www.mycompany.com//

Our url is fixed in dwaredir. The other fields are wmrMailServer (from PNAB) and wmrMailFile (from PNAB). Which then combines into the wmrhttps+ which is the final URL.

Hope this helps? Let me know I may be able to assist further…?