OWA CAS Proxy from two sites Exchange 2010
OWA CAS Proxy from two sites. Situation at the moment: OWA Proxy work From Internet -> Site A -> Site B Two AD sites. Let named it Site A and Site B. One DAG Cluster, with MBX server at each location, so we have two MBX servers. Half of databases are active at one site and half at the other site. A the moment there is one Internet connection, that is connected to site A. All mail flow is going through Site A, include OWA, ActiveSync...... Proxy is working, so Users in Site B, can access their mail/OWA through internet. There is reliable connection in from Site A to Site B. Situation has change, now there is another Internet connection at the Site B. I would like to continue using internet connection at Site A. And Mail flow will go as it is. Only when internet connection on site A fails, I would like to revers communication From Site B to Site A. I can script, and configure Proxy at switchover, but I would like to choose another way. I have set second IIS. I use separate IP and Separate network card with separate IP. IP is one from each subnet, where CAS reside. So every CAS server has one additional IP. On that IP I setup new, ECP, OWA, EAS. But when I set up these on both location, OWA and Outlook access for users, that are coming through Internet stops. I set up like revers proxy in reverse order. I do not won't to change or to set another public WWW site. I would like to use only one. If I could upload picture, it would be easy to understand. User from Site B use www.internet.com -> Company FW A -> CAS Site A -........-> CAS Site B = OK Now I set up revers proxy : User from Site B use www.internet.com -> Company FW A -> CAS Site A -....-> CAS Site B Proxy = Fail User from Site B use www.internet.com -> Company FW A -CAS Site A Proxy <-…….-Cas Site B = Fail Both IIS sites are activ on different IP ? I second situation, I`m trying to setup situation, before Internet connection Fail on site A, but it does not work, in broke entire proxy. Basic, I thing I have setup something wrong?
October 30th, 2010 3:47am

Hi What exactly do you want to accomplish? Do you want site resiliency? Site failover? and Outlook anywhere from both sites (Site A and B)?Jonas Andersson MCTS: Microsoft Exchange Server 2007/2010 | MCITP: EMA 2007/2010 | MCSE/MCSA Blog: http://www.testlabs.se/blog
Free Windows Admin Tool Kit Click here and download it now
November 1st, 2010 7:09am

Did you try removing external URL on both site and setting /OWA to use Integrated Windows Auth? This will allow either site to accept proxy traffic allow proxy if External URL is not found for other site. If you want FBA or other authentication method you can try addign ISA on both site and use Windows Intrageted Auth between ISA and CAS. Make sure Site A is able to access Site B Internal URL, and Site B CAS can access Site A Internal URL.
November 7th, 2010 11:58am

Did you try removing external URL on both site and setting /OWA to use Integrated Windows Auth? This will allow either site to accept proxy traffic allow proxy if External URL is not found for other site. If you want FBA or other authentication method you can try addign ISA on both site and use Windows Intrageted Auth between ISA and CAS.
Free Windows Admin Tool Kit Click here and download it now
November 7th, 2010 11:58am

I have mist yellow warning with change your alert settings. So I missed both responses. A have add second Thread : Exchange server 2010: Two Proxy "CAS" site deployments Basically what i would like to achieve, is that external user, use the same WAN https:\\ address when i change DNS record to WAN IP of second site. The same is with mobile clients and Outlook clients.
November 8th, 2010 1:13pm

With ISA server on both side handling external facing authentication method (FBA or Basic) and ISA passing authentication to CAS by Windows Integrated Authentication. You will be able to set all of your Exchange virtual directories to accept proxy request from the opposite site CAS. By removing the External URL you will be able to trick Exchange thinking both site is not internet facing allow you to proxy the request to another CAS. Other wise when you do a site failover you will have to modify the failing /primary site to Windows Integrated Authentication and remove External URL, and on the backup site do the opposite of adding external URL and adding FBA or Basic Authentication. After those changes force AD replication to allow external user to access mailbox from another site external connection.
Free Windows Admin Tool Kit Click here and download it now
November 8th, 2010 2:49pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics