We're planning on moving to Exchange 2013 SP1. From all the information I could find, it seems that the Edge Transport role is to be placed in the perimeter network for incoming SMTP traffic. My question is, let's say the CAS role (along with the Mailbox Server role) resides on our internal network - do Outlook 2010/2013 users that connect to our organization from the outside do so through the Edge Transport server, or would they connect directly to our internal corporate LAN where the CAS is hosted?
And if they connect directly to our internal corporate LAN where our CAS is hosted, is there a way to force that traffic instead to go through the Edge Transport server first, or would the CAS role also have to be installed on our perimeter network for this to work?
Basically, we would prefer that any traffic coming through the outside goes through our DMZ first. We would like to avoid having to open any port to our corporate LAN. I really appreciate any insight someone could offer into this. Thanks.