CWA Error through F5 Load Balancer: Your Connection was ended. Please Sign in Again. (Error Code: 0-1-482)

 

On a recent deployment we deployed CWA internally and externally using ISA Server 2006. The customer decided they wanted to provide high availability to the CWA service, so we introduced a hardware load balancer to provide that functionality. After we set the two servers with identical site settings behind the load balancer we started having users receive this error when connecting to the CWA site:

cwaerror1

At first glance deploying CWA through a load balancer would seem pretty basic, they are websites you access over https, however there is some key information in the R2 Documentation for deploying CWA behind a load balancer. http://technet.microsoft.com/en-us/library/dd441196(office.13).aspx

Communicator Web Access supports most hardware load balancers, provided that the load balancer:

  • Allows you to set the TCP idle timeout to 1,800 seconds (30 minutes). The TCP idle timeout represents the amount of time the server will wait for information during a session. If you are using a reverse proxy server (such as Microsoft Internet Security and Acceleration Server) then the TCP idle timeout on that computer should also be set to 1,800 seconds.
  • Allows you to use a source network address translation (SNAT) pool if you need to handle more than 65,000 simultaneous connections. SNAT is designed to "hide" multiple servers behind a single IP address (that is, a number of servers can be accessed using just one IP address). With a SNAT pool, servers can be hidden behind multiple IP addresses.
  • Allows you to use cookie persistence when configuring session affinity. With cookie persistence, information about the actual Communicator Web Access server being used for a session is stored in an Internet cookie on the client computer. When configuring the load balancer’s session persistence profile it is recommended that you use "HTTP Cookie Insert." With this configuration method, information about the server to which the client is connected is inserted in the header of the HTTP response from that server as a cookie.

Our issue was related to the persistence profile. When a user connects to CWA they must maintain a connection to the same server as the initial connection or it will not work. The persistence profile, using a HTTP Cookie Insert method will enable this persistence.

We were using an F5 BIG IP LTM Load balancer for this deployment, we actually chose “Source Address Affinity”. Below you can seen a screenshot of the persistence profile used in this configuration.

f5cwaconfig

tweetmeme_source = ‘winxnetuc’;
tweetmeme_service = ‘bit.ly’;

(140)

If you like it, share it!

    Posted on by admin in CWA, F5, Load Balancing, Microsoft, OCS, OCS 2007 R2, Unified Communications 5 Comments

    5 Responses to CWA Error through F5 Load Balancer: Your Connection was ended. Please Sign in Again. (Error Code: 0-1-482)

    1. Anonymous

      We are running into this issue as well. It's a little unclear in your post if you changed FROM source address affinity TO Cookie, or the other way around. We currently have our persistance profile set up as cookie, but are still experiening this problem. Any help would be appreciated.Thanks,Peter

       
      • Emir

        hey peter, have you found any solution for this? I have same problem, on the very beginning I was able to login from home, however now I have constantly the error code:0-1-482….

        thanks

        Emir

         
    2. Salik Raza

      I tried to login after clearing history and all, it worked . Hope it will work for all.

       
      • Thamil

        Hi Salik Raza,

        Thank you very much for the solution of “clearing the history”. It worked well for me.

        Regds,
        Thamil

         
        • hany

          how to clear the history

           

    Add a Comment