While I was rebuilding my lab, I ran into an issue when building out my demo Exchange OWA front-ended by NetScaler – the error was pretty generic, I would attempt to access the OWA page, was then prompted for authentication by the NetScaler AAA engine running as a part of Unified Gateway, then I was dumped to the following error page:
Http/1.1 Service Unavailable – /cgi/selfauth/xxxxx
This error page is being presented by the NetScaler, and is nothing new – it usually means that a backend connection has failed or there are no policy matches on a Content Switching vServer and a default vServer is not configured – that is the case here as this is a CSW vServer for Exchange.
We need to create a SelfAuth CSW policy and bind it to the OWA vServer. Here is the Content Switching policy that handles this error:
The expression is:
Then we need to bind the policy to the CSW vServer – in this case, you can see the other Exchange policies in place, with the new policy at the bottom:
Once done, the OWA page comes up as expected after authentication. Fixed!