The question is if you have enabled SSL offloading on the load balancer for the Exchange Servers. If you are using the load balancer to encrypt and decrypt traffic to the Exchange Servers then you have to disable that on the Exchange Servers AND on the load balancers: https://learn.microsoft.com/en-us/exchange/plan-and-deploy/post-installation-tasks/security-best-practices/exchange-extended-protection?view=exchserver-2019#scenarios-that-could-affect-client-connectivity-when-extended-protection-was-enabled
What will be the impact and side effects when disabling the SSL offloading for Exchange Servers behind Load Balancer?
All of my exchange servers on-premise are behind Load Balancer, there are no more mailboxes OnPremise since all of my users have been migrated to Exchange Online. What will be the impact and side effects when disabling the SSL offloading?
WARNING: 'EXSVR01\RPC (Default Web Site)' has SSLOffloading set to true. Therefore, we can not configure Extended Protection. WARNING: 'EXSVR02\RPC (Default Web Site)' has SSLOffloading set to true. Therefore, we can not configure Extended Protection.> WARNING: Please address the following server regarding RPC (Default Web Site) and SSL Offloading: EXSVR01, EXSVR02> WARNING: The following cmdlet should be run against each of the servers:
Set-OutlookAnywhere 'SERVERNAME\RPC (Default Web Site)' -SSLOffloading $false -InternalClientsRequireSsl $true -ExternalClientsRequireSsl $true
The above was taken from the console of my Exchange Server 2016 when running Extended Protection Management script from the https://microsoft.github.io/CSS-Exchange/Security/ExchangeExtendedProtectionManagement/ .
Thank you in advance.