Simplifying the OWA URL with Citrix Netscaler
Next to Content Switching (which I recently wrote a post about), Citrix Netscalers can also do URL Rewrites. This enables us to simplify the OWA URL.
First, be sure the Rewriting option is enabled by going into System, then Settings and choose Configure Basic Settings. Check the tick box for Rewrite
After this, first make an Rewrite Action by going to Rewrite>Actions and add an Action. Give it a comprehensive name and set the type to REPLACE. In the Expression the following should be used:
In the String expression for replacement text, the following value should be used:
Be sure to type it in and not copy it from this blog, otherwise it could not workd correctly. The screenshot below shows the value as mentioned before. Click Create to create the Rewrite Action and click Close to close the window.
Now you can create a Rewrite Policy by going to Rewrite>Policies and then click add…
Again, give it a sensible name and be sure the Action is set to the earlier created Rewrite Action (in the screenshot below Rewrite_Action_OWA).
For the Expression, use the following:
Again, type it and do not copy and paste. Finally, press Create and Close. This Rewrite Policy now checks for URL's which use the root path / and will replace it with /owa/.
But in order to make it happen, the policy has to be enabled somewhere. In this case I bind it to a Load Balancing Virtual Server already previously made (see this blog post). This has to be the Virtual Server which is responsible for (at least) Outlook Web Access.
Open the Virtual Server, go to the Policies Tab and press the Rewrite (request) button. Right-click in the window and choose Insert Policy. Choose the previously made Rewrite Policy as shown below:
And voila! Now every user entering https://webmail.contoso.com/ will be directed to https://webmail.contoso.com/owa/ without a fuss! And because the policy triggers only on the root, directly using /owa, or /ecp for that matter, will also work.
How about HTTP to HTTPS redirection?
That is not done via Rewrites, but there are more ways than one. Make a Load Balancing Virtual Server, listening on port 80 and as IP address the Virtual IP used for OWA. You do NOT check any services. Instead go to the Advanced Tab and in the Redirect URL enter HTTPS:// with the virtual IP used for Webmail. Press Create and close. Do remember to enable traffic over TCP port 80 towards the Netscaler, otherwise this won’t work. This is also described in the Netscaler Deployment guide and depicted in the image below:
If you are also using Content Switching, you can also make a Content Switching Virtual Server accepting traffic on port 80 and again using the OWA Virtual IP. As a target the Load Balancing Virtual Server using port 443 should be used (that can be used multiple times as a target. Description how it was made in this blog post). This is shown in the image below:
You should make duplicate Content Switching policies, as they can only be used once. The Expression however, is exactly the same as the Content Switching Policy used in the Content Switching Virtual Server using SSL.
Now every user will be directed to the correct URL, whether they use http://webmail.contoso.com, https://webmail.contoso.com/ or http://webmail.contoso.com/owa/ .