Dynamics
Contents
1 Introduction
Microsoft Dynamics CRM is a Customer Relationship Management (CRM) software package developed for businesses. It aims to drive sales, productivity and marketing effectiveness through social insights, business intelligence and campaign management in the cloud, on-premises or with a hybrid combination of both.
Such a powerful tool requires reliable and powerful support. The Kemp LoadMaster delivers an exceptional, cost-effective and easy to use solution which, by employing Adaptive Load Balancing, balances requests across Microsoft Dynamics. Microsoft Dynamics consists of Dynamics CRM servers.
When deployed as a pair, two LoadMasters give the security of High Availability (HA). HA allows two physical or virtual machines to become one logical device. Only one of these units is ever handling traffic at any particular moment. One unit is active and the other is a hot standby (passive). This provides redundancy and resiliency, meaning if one LoadMaster goes down for any reason, the hot standby can become active, therefore avoiding any downtime. For more information on HA please refer to: High Availability (HA), Feature Description.
1.1 Document Purpose
This document is intended to provide guidance on how to deploy Microsoft Dynamics CRM with a Kemp LoadMaster. The Kemp Support Team is available to provide solutions for scenarios not explicitly defined.
The Kemp support site can be found at: https://support.kemptechnologies.com.
1.2 Intended Audience
This document is intended to be used by anyone deploying Microsoft Dynamics CRM with a Kemp LoadMaster.
1.3 Related Firmware Version
Published with LMOS version 7.2.48.4 LTS. This document has not required substantial changes since 7.2.48.4 LTS. However, the content is in sync with the latest LoadMaster LTS firmware.
2 Template
Kemp has developed a template containing our recommended settings for this workload. You can install this template to help create Virtual Services (VSs) because it automatically populates the settings. You can use the template to easily create the required VSs with the recommended settings. For some workloads, additional manual steps may be required such as assigning a certificate or applying port following, these steps are covered in the document, if needed.
You can remove templates after use and this will not affect deployed services. If needed, you can make changes to any of the VS settings after using the template.
Download released templates from the Templates section on the Kemp Documentation page.
For more information and steps on how to import and use templates, refer to the Virtual Services and Templates, Feature Description on the Kemp Documentation page.
3 Enable Subnet Originating Requests Globally
It is best practice to enable the Subnet Originating Requests option globally.
In a one-armed setup (where the Virtual Service and Real Servers are on the same network/subnet) Subnet Originating Requests is usually not needed. However, enabling Subnet Originating Requests should not affect the routing in a one-armed setup.
In a two-armed setup where the Virtual Service is on network/subnet A, for example, and the Real Servers are on network B, Subnet Originating Requests should be enabled on LoadMasters with firmware version 7.1-16 and above.
When Subnet Originating Requests is enabled, the Real Server sees traffic originating from 10.20.20.21 (LoadMaster eth1 address) and responds correctly in most scenarios.
With Subnet Originating Requests disabled, the Real Server sees traffic originating from 10.0.0.15 (LoadMaster Virtual Service address on eth0) and responds to eth0 which could cause asymmetric routing.
When Subnet Originating Requests is enabled globally, it is automatically enabled on all Virtual Services. If the Subnet Originating Requests option is disabled globally, you can choose whether to enable Subnet Originating Requests on a per-Virtual Service basis.
To enable Subnet Originating Requests globally, follow the steps below:
1. In the main menu of the LoadMaster User Interface (UI), go to System Configuration > Miscellaneous Options > Network Options.
2. Select the Subnet Originating Requests check box.
4 Configure Microsoft Dynamics Virtual Services
The environment in which Microsoft Dynamics CRM is deployed determines which of the following set-ups should be used.
4.1 Microsoft Dynamics CRM HTTP
The following are the steps involved and the values required to configure Microsoft Dynamics HTTP Virtual Service:
1. In the main menu of the LoadMaster Web User Interface (WUI), go to Virtual Services > Add New.
2. Enter a valid IP address in the Virtual Address text box.
3. Enter 80 in the Port text box.
4. Enter a recognizable Service Name, for example MS Dynamic CRM HTTP.
5. Ensure tcp is selected as the Protocol.
6. Click Add this Virtual Service.
7. Expand the Standard Options section.
8. Deselect the Transparency check box.
9. Select Super HTTP from the Mode drop-down list.
10. Select 1 Hour from the Timeout drop-down list.
11. Select least connection from the Scheduling Method drop-down list.
12. Set the Idle Connection Timeout to 660 and click the Set Idle Timeout button.
13. Expand the Advanced Properties section.
14. Select Legacy Operation (X-ClientSide) from the Add HTTP Headers drop-down list.
15. Expand the Real Servers section.
16. Select the HTTP Protocol from the Real Server Check Parameters drop-down list.
17. Enter / in the URL text box and click Set URL.
18. Ensure HEAD is selected from the HTTP Method drop-down list.
19. Add the Real Servers:
a) Click the Add New button.
b) Enter the IP address of the CRM Server.
c) Enter 80 as the Port.
The Real Server Port should match the Virtual Service Port.
The Forwarding method and Weight values are set by default. An administrator can change these.
d) Click Add this Real Server. Click OK to the pop-up message.
e) Repeat steps b) to d) above to add more Real Servers as needed, based on the environment.
4.2 Microsoft Dynamics CRM HTTPS
Kemp recommends two Virtual Services be configured for Microsoft Dynamics CRM HTTPS.
The following are the steps involved and the values required to configure the Microsoft Dynamics HTTPS Virtual Services:
4.2.1 Microsoft Dynamics HTTPS (Redirect)
1. In the main menu of the LoadMaster Web User Interface (WUI), go to Virtual Services > Add New.
2. Enter a valid IP address in the Virtual Address text box.
3. Enter 80 in the Port text box.
4. Enter a recognizable Service Name, for example MS Dynamic CRM HTTPS Redirect.
5. Ensure tcp is selected as the Protocol.
6. Click Add this Virtual Service.
7. Expand the Standard Options section.
8. Deselect the Transparency check box.
9. Select None from the Mode drop-down list.
10. Select round robin from the Scheduling Method drop-down list.
11. Expand the Advanced Properties section.
12. Select Legacy Operation (X-ClientSide) from the Add HTTP Headers drop-down list.
13. Select 302 Found from the Error Code drop-down list.
14. Enter https://%h%s in the Redirect URL text box and click Set Redirect URL.
4.2.2 Microsoft Dynamics HTTPS (Certificate Installed on Real Server)
1. In the main menu of the LoadMaster Web User Interface (WUI), go to Virtual Services > Add New.
2. Enter a valid IP address in the Virtual Address text box.
3. Enter 443 in the Port text box.
4. Enter a recognizable Service Name, for example MS Dynamic CRM HTTPS.
5. Ensure tcp is selected as the Protocol.
6. Click Add this Virtual Service.
7. Expand the Standard Options section.
8. Ensure the Force L4 check box is clear.
9. Ensure the Transparency check box is clear.
10. Select Source IP Address from the Mode drop-down list.
11. Select 1 Hour from the Timeout drop-down list.
12. Select least connection from the Scheduling Method drop-down list.
13. Enter 660 as the Idle Connection Timeout and click Set Idle Timeout.
14. Expand the Real Servers section.
15. Select HTTPS Protocol from the Real Server Check Parameters drop-down list.
16. Enter / in the URL text box and click Set URL.
17. Select HEAD from the HTTP Method drop-down list.
18. Add the Real Servers:
a) Click the Add New button.
b) Enter the IP address of the CRM Server.
c) Enter 443 as the Port.
The Real Server Port should match the Virtual Service Port.
The Forwarding method and Weight values are set by default. An administrator can change these.
d) Click Add this Real Server. Click OK to the pop-up message.
e) Repeat steps b) to d) above to add more Real Servers as needed, based on the environment.
4.3 Microsoft Dynamics HTTPS Re-encrypt
Kemp recommends two Virtual Services be configured for Microsoft Dynamics CRM HTTPS Re-encrypt.
The following are the steps involved and the values required to configure the Microsoft Dynamics HTTPS Re-encrypt Virtual Services:
4.3.1 Microsoft Dynamics CRM HTTPS Reencrypted Redirect
1. In the main menu of the LoadMaster Web User Interface (WUI), go to Virtual Services > Add New.
2. Enter a valid IP address in the Virtual Address text box.
3. Enter 80 in the Port text box.
4. Enter a recognizable Service Name, for example MS Dynamic CRM HTTPS Reencrypted-Redirect.
5. Ensure tcp is selected as the Protocol.
6. Click Add this Virtual Service.
7. Expand the Standard Options section.
8. Deselect the Transparency check box.
9. Select None from the Mode drop-down list.
10. Select round robin from the Scheduling Method drop-down list.
11. Expand the Advanced Properties section.
12. Select Legacy Operation (X-ClientSide) from the Add HTTP Headers drop-down list.
13. Select 302 Found from the Error Code drop-down list.
14. Enter https://%h%s in the Redirect URL text box and click Set Redirect URL.
4.3.2 Microsoft Dynamics CRM HTTPS Reencrypt
1. In the main menu of the LoadMaster Web User Interface (WUI), go to Virtual Services > Add New.
2. Enter a valid IP address in the Virtual Address text box.
3. Enter 443 in the Port text box.
4. Enter a recognizable Service Name, for example MS Dynamic CRM HTTPS Re-encrypt.
5. Ensure tcp is selected as the Protocol.
6. Click Add this Virtual Service.
7. Expand the SSL Properties section.
8. Select the Enabled and Reencrypt check boxes for SSL Acceleration.
9. Select the four TLS check boxes for Supported Protocols.
While this workload may not support TLS1.3 yet, Kemp recommend enabling it for future proofing.
While the Cipher Set automatically selects Default from the drop-down list, users may select BestPractices to ensure all security scans are passed without issue.
10. Expand the Standard Options section.
11. Ensure Transparency is Disabled.
12. Select Super HTTP from the Mode drop-down list.
13. Select 1 Hour from the Timeout drop-down list.
14. Select least connection from the Scheduling Method drop-down list.
15. Expand the Real Servers section.
16. Select HTTPS Protocol from the Real Server Check Parameters drop-down list.
17. Enter / in the URL text box and click Set URL.
18. Select HEAD from the HTTP Method drop-down list.
19. Add the Real Servers:
a) Click the Add New button.
b) Enter the IP address of the CRM Server.
c) Enter 443 as the Port.
The Real Server Port should match the Virtual Service Port.
The Forwarding method and Weight values are set by default. An administrator can change these.
d) Click Add this Real Server. Click OK to the pop-up message.
e) Repeat steps b) to d) above to add more Real Servers as needed, based on the environment.
References
Unless otherwise specified, the following documents can be found at: https://kemptechnologies.com/documentation.
Virtual Services and Templates, Feature Description.
High Availability (HA), Feature Description
Last Updated Date
This document was last updated on 23 March 2021.