How to reduce Web Application Offload license consumption for Exchange Portal with client uniqueness
03/26/2020 7 12148
Allowing no authentication for ActiveSync is a security issue which is addressed in 8.5. Also anonymous Web Application Offloading may overload the device cause performing issue. Therefore, as of firmware 8.5 anonymous authentication for an Exchange Portal Web Application Offload is not allowed. Each connection to this portal will consume a user license while in use.
CAUSE: If client uniqueness is not enabled a client can log into the Exchange Portal multiple times per user which will consume a user license for each connection for the user. This can use up multiple user licenses for one user with multiple instances of Exchange open.
(* Exchange Web Application Offload must be added prior to these steps using the Wizard *)
1. Go to Portal | Portal | Click Configure next to the Exchange Web Application Offload
2. Go to "General" Tab | Check "Enforce Login Uniqueness"
If enforced, login uniqueness restricts each account to one session at a time. If not enforced, each account can have multiple simultaneous sessions.
Example: Enforce login uniqueness, when not enabled allows a user to log into the SRA from a desktop p/c and also a smart phone or tablet.
A second option is also provided called “Enforce client source uniqueness” If enforced, client source uniqueness prevents multiple connections from a user with the same client source address when connecting with a SonicWall client (Net Extender, Mobile Connect, Virtual Assist etc.). This prevents a user from consuming multiple licenses when a user reconnects after an unexpected network interruption.
Example: Enforce client source uniqueness when enabled will not allow a user to connect from the same NAT “Public” address to the SRA.