Exchange 2013 CAC authentication error
I built a node on an internal VLAN in my network that serves as my 2013 Exchange CAS. I created a Virtual server on the F5 (using the iapp.microsoft.exchange2013.v1.40) with an external IP whose pool includes the CAS node. When I access the outlook web app from an external network, I can access the email resources with a username and password just fine. When I input my cac pin I get "page cannot be displayed". When I do the same from inside my network, I can access the OWA using both login/CAC credentials. Is this an F5 routing/configuration issue or exchange 2013 configuration?
My goal is to access OWA from an outside network using CAC authentication on the exchange server. I am not trying to enable CAC authentication on the F5. I set that up with the LTM alone and all that does is request my cac info, I enter my pin and authenticate, then it sends me to the OWA login/CAC request-which then fails after I enter my pin.
Is it incorrect to put the virtual server on the DMZ external vlan and expect the F5 to be able to send traffic to a node on an internal vlan?