jskfan

configure Exchange 2013 for OWA

I would like to know what needs to be configured at the firewall level, such as NATting, so that external users can access Exchange OWA.
How is this configured at the firewall level, on the internal DNS and external DNS, and on the Exchange CAS itself?

Thank you
Henry Dunn

Is this a coexistence with another version or is this a greenfield deployment of Exchange 2013?
SOLUTION
Henry Dunn

This solution is only available to members.

jskfan
ASKER

This is a brand new Exchange environment.
I need to know how email flows from outside to inside, both while sending and when just viewing.
I know that there is an MX record on the internet DNS.
When sending from outside, the mail.company.com MX record will redirect the email to the company firewall, which should have port 25 open. Then there should be some kind of NAT or something on the firewall that tells any traffic coming in on port 25 to go to the load balancer created between the CAS servers, and one of the CAS servers will proxy the email to the right mailbox server where the mailbox of the recipient is located...

Well, I am describing this in non-technical terms, but I need someone to tell me which devices and elements take part in this flow...

thanks
You need to NAT your OWA URL to the CAS VIP. So point mail.company.com to your firewall for the MX record, and on the firewall point traffic for SMTP to your VIP for the CAS array.
ASKER CERTIFIED SOLUTION
Pete Long

This solution is only available to members.

jskfan
ASKER

Well, in an Exchange environment there should be 2 CAS servers for load balancing.
**I believe we need to go to each CAS server and run the command:
New-ClientAccessArray -Name "Test" -Fqdn "Mycompany.com" -Site "Mysite"

**On DNS we need to create an A record that points to Mycompany.com with the IP address (VIP), e.g. 10.10.10.10

**The load balancer should be configured to point to the VIP
**We need to type this command for each database in the Exchange organization:
Set-MailboxDatabase DB1 -RpcClientAccessServer "Mycompany.com"
Set-MailboxDatabase DB2 -RpcClientAccessServer "Mycompany.com"

I guess that's it for CAS servers... Correct me if I am wrong...

Now when an external user sends an email to an internal user, it will hit the MX record on the public DNS, for example mail.mycompany.com. This record points to the public address on the outside interface of the firewall. The firewall should receive this SMTP traffic on port 25 and in turn route it to the load balancer (VIP); the load balancer will send the SMTP traffic to one of the CAS servers, which in turn sends it to the right mailbox server where the user's mailbox is located.

***Now I am not sure if we need to create an OWA record in public DNS. If so, should it be an A record or a CNAME record, for example Mycompany.com pointing to mail.company.com?
Because mailbox users are supposed to type something simple in the browser, like mycompany.com, and be able to reach the Exchange server via OWA.

***Another dark area is: when accessing Exchange through OWA, does the traffic go through the load balancer to the CAS server and then to the mailbox server, just the same way as when someone sends email from outside to a user on the Exchange server?

Thanks
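
One way to check the publishing path discussed in this thread (public MX record, firewall NAT, port 25) from outside the network, as an added example that is not part of the original posts. The domain company.com, the public resolver 8.8.8.8, OWA being served over HTTPS on TCP 443, and the list of ports expected to stay closed are assumptions.

```powershell
# Added example (not from the thread). Run from a host OUTSIDE the network, against your own domain.
# Assumptions: mail domain company.com, host mail.company.com, OWA on HTTPS/443,
# and that only SMTP (25) and HTTPS (443) are meant to be published through the NAT.
param(
    [string]$MailDomain   = 'company.com',
    [string]$MailHost     = 'mail.company.com',
    [string]$PublicDns    = '8.8.8.8',         # public resolver, so internal DNS is bypassed
    [int[]] $MustBeClosed = @(135, 445, 3389)  # assumed examples of ports that should not be NATed
)

function Test-Port([string]$Target, [int]$Port) {
    # Returns $true when a TCP connection to Target:Port succeeds.
    Test-NetConnection -ComputerName $Target -Port $Port `
        -InformationLevel Quiet -WarningAction SilentlyContinue
}

# 1. External DNS: the MX record for the domain and the A record of the published name.
$mx = Resolve-DnsName -Name $MailDomain -Type MX -Server $PublicDns -ErrorAction Stop |
      Where-Object Type -eq 'MX'
$ip = (Resolve-DnsName -Name $MailHost -Type A -Server $PublicDns -ErrorAction Stop |
      Where-Object Type -eq 'A' | Select-Object -First 1).IPAddress

$checks = @(
    [pscustomobject]@{ Check = "MX of $MailDomain names $MailHost"
                       Pass  = ($mx.NameExchange -contains $MailHost) }
    [pscustomobject]@{ Check = "$MailHost has a public A record ($ip)"
                       Pass  = [bool]$ip }
)

if ($ip) {
    # 2. Firewall/NAT: the published ports answer on the public IP...
    foreach ($p in 25, 443) {
        $checks += [pscustomobject]@{ Check = "TCP $p reachable on $ip"
                                      Pass  = (Test-Port $ip $p) }
    }
    # ...and nothing else was forwarded to the internal servers by mistake.
    foreach ($p in $MustBeClosed) {
        $checks += [pscustomobject]@{ Check = "TCP $p NOT reachable on $ip"
                                      Pass  = -not (Test-Port $ip $p) }
    }
}

$checks | Format-Table -AutoSize
if ($checks.Pass -contains $false) { exit 1 }
```

Connecting to the IP returned by the public resolver, rather than to the name, keeps an internal split-DNS record from hiding a broken or missing NAT rule.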
jskfan
ASKER

Thank you