We are transitioning from Exchange 2007 SP2 to Exchange 2010. We have two datacentres, and currently 2 mailbox servers (1 in each) and 1 dedicated HT/CAS in our datacentre that is Internet accessible. We have over 60 sites with users, and currently their mailboxes are in one datacentre or the other. They all use Outlook 2010. For the CAS that provides OWA, Outlook Anywhere, ActiveSync etc, we currently have a reverse proxy appliance for "webmail.company.com" with an SSL certificate. We are upsizing to 8 Exchange servers, with 2 mailbox servers per datacentre in 1 DAG, and then in each datacentre another 2 CAS/HT servers in a CAS Array in an NLB cluster in each datacentre. User loads and numbers are equally balanced between datacentres - both are active. Advice from Microsoft on deployment specifies that we change our OWA hostname for Exchange 2007 to "legacy.company.com", but this is not what we want to do, mostly because the reverse proxy appliance is not very easy to administer and buying an SSL certficate for just a couple of months seems like a waste. We want to transition off the reverse proxy appliance, and if the name changes, that's not a big deal (good old Group Policy...). Instead, we want to create a new public hostname (maybe something like remote.company.com) for the Exchange 2010 SP1 deployment, and have this accessible from Forefront Threat Management Gateway 2010 NLB clusters in each datacentre (2 TMG servers per datacentre, each in their own NLB farm). Then with that one SSL certificate (remote.company.com) we will be able to use TMG to also reverse proxy sub-sites (such as remote.company.com/intranet) and use it for our OCS/Lync reverse proxy needs. So here are my questions; 1. If we have a datacentre loss, and we re-route incoming traffic to our secondary datacentre, will TMG be able to direct users to the local CAS array and will that CAS array understand to direct the traffic to a DAG member in the surviving datacentre? 2. What do we call our CAS arrays in each site? If we call them OutlookEast.company.local and OutlookWest.company.local - then one of these will be entered into Outlook - what if the site OutlookWest.company.local is unavailable, will they know to try OutlookEast.company.local? 3. What happens if a user who has had their mailbox transitioned to Exchange 2010 attempts to access the old address webmail.company.com through something like ActiveSync or OutlookAnywhere - will it just fail or will it be redirected? Conversely, if a person who is still on Exchange 2007 attempts to use the new address, what sort of problems will they have? 4. With us having two datacentres, both with a TMG Array and then a CAS array and DAG members, do we need to have two external DNS names, or will TMG / CAS be able to redirect external users to the other TMG/CAS server's external address in the other datacentre? How would we configure this for users? Thanks for any help.

First is this a cross forest migration? 1. You can choose whatever namespace you like and redirection will work. The CAS will redirect based on the externalURL parameter. Redirection will not work if you're doing a cross forest migration. 2. Yes that namespace is fine, if CAS array is down you have to manually update the DNS record for fail over to the other CAS array 3. The users have to update the URL on their devices. This step should be included in the post migration check list. 4. Yes you can have just one external namespace and TMG can do the redirect via the publishing rule. (Again will not work if you're doing cross forest migration) Take a look at both articles it goes over most of you need to do. Upgrading Outlook Web App to Exchange 2010 http://msexchangeteam.com/archive/2009/12/02/453367.aspx Publishing Exchange Server 2010 with Forefront Unified Access Gateway 2010 and Forefront Threat Management Gateway 2010 http://www.microsoft.com/downloads/en/confirmation.aspx?FamilyID=894bab3e-c910-4c97-ab22-59e91421e022&displaylang=enJames Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com