RickyBello
asked on
Exchange 2010 - Additional Mailbox server at additional location via VPN
Multi-site company has 1 Exchange server, looking to add a second Exchange server at a remote location.
We currently have Site A which has a Barracuda Spam Virus Firewall and Exchange 2010 Standard with all roles installed. We are looking to set up an additional Exchange 2010 Standard server at Site B. Exchange 2010 in Site A is currently running on Windows 2008 R2 Enterprise.
Site A and Site B are accessible via VPN and while they have different local domains, there is a Forest Trust between them and they can both ping, resolve and access each other.
The new Windows 2008 R2 Enterprise - Exchange 2010 Standard installation at Site B is going to be strictly for mailboxes for users at that site. I plan to only install the Mailbox Role. While it will be at Site B, it will be added to the Site A domain via VPN and Forest Trust.
Computers in Site B are part of the Site B domain but they should be able to access the local Exchange server added to the Site A domain because of the Forest Trust.
After mail comes through the Barracuda Spam Virus Firewall, AD should determine where to send mail based on where the user mailbox is located, whether to Exchange Server in Site A or Site B.
Not looking for failover, nor DAG, nor CAS Array. Just a secondary Exchange server with Mailbox role.
What are the pros/cons, recommendations or best practices for this implementation scenario?
Thanks.
We currently have Site A which has a Barracuda Spam Virus Firewall and Exchange 2010 Standard with all roles installed. We are looking to set up an additional Exchange 2010 Standard server at Site B. Exchange 2010 in Site A is currently running on Windows 2008 R2 Enterprise.
Site A and Site B are accessible via VPN and while they have different local domains, there is a Forest Trust between them and they can both ping, resolve and access each other.
The new Windows 2008 R2 Enterprise - Exchange 2010 Standard installation at Site B is going to be strictly for mailboxes for users at that site. I plan to only install the Mailbox Role. While it will be at Site B, it will be added to the Site A domain via VPN and Forest Trust.
Computers in Site B are part of the Site B domain but they should be able to access the local Exchange server added to the Site A domain because of the Forest Trust.
After mail comes through the Barracuda Spam Virus Firewall, AD should determine where to send mail based on where the user mailbox is located, whether to Exchange Server in Site A or Site B.
Not looking for failover, nor DAG, nor CAS Array. Just a secondary Exchange server with Mailbox role.
What are the pros/cons, recommendations or best practices for this implementation scenario?
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the comments.
Adam Farage, your setup makes sense with all roles installed and CAS set with no ExternalURL. Do I need a new DomainA GC/DC at Site B for this to work properly or can the Exchange server just connect to the current GC/DC at Site A via VPN and Forest Trust?
Adam Farage, your setup makes sense with all roles installed and CAS set with no ExternalURL. Do I need a new DomainA GC/DC at Site B for this to work properly or can the Exchange server just connect to the current GC/DC at Site A via VPN and Forest Trust?
*rewrote the answer - as I misread the response above*
it depends... honestly. I would highly recommend extending the existing forest into Site B and have Site B as a separate AD site. From there setup a completely independent (but replicating) GCS / DC. I would NOT setup a separate forest, as that is going to just cause headaches.
it depends... honestly. I would highly recommend extending the existing forest into Site B and have Site B as a separate AD site. From there setup a completely independent (but replicating) GCS / DC. I would NOT setup a separate forest, as that is going to just cause headaches.
ASKER
Adam,
Just to be clear, a new local GC/DC for Exchange at Site B, should be part of the Site A domain.
Just to be clear, a new local GC/DC for Exchange at Site B, should be part of the Site A domain.
yea thats fine, as long as you clearly split up the geographical sites within AD Sites and Services I would see no reason why this would not work.
here is some more clear cut information on proxy / redirection. Its a blog I wrote about a year ago, but the info is still spot on: http://exchangelaboratory.com/2013/04/04/exchange-proxy-and-redirection-exchange-2007-and-2010-explained/
here is some more clear cut information on proxy / redirection. Its a blog I wrote about a year ago, but the info is still spot on: http://exchangelaboratory.com/2013/04/04/exchange-proxy-and-redirection-exchange-2007-and-2010-explained/
ASKER
Worked out great, after installing Exchange with the 3 roles at Site B, but added to Site A domain, hardly any configuration needed to take place. It was automatically showing up at the Exchange server in Site A and it automatically sends and receives from the main server.
I suggest you install a server (which is a member of siteA domain) with all roles and configure autodiscover, EWS, OAB URLs etc. Exchange will do the proxying between servers.
http://technet.microsoft.com/en-us/library/bb310763(v=exchg.141).aspx
or
Install another exchange with all roles (which is a member of SiteB) and share the domain name
http://technet.microsoft.com/en-us/library/bb676395(v=exchg.141).aspx
http://exchangeserverpro.com/how-to-share-an-email-domain-between-two-mail-systems/