Solved

CAS Proxy

Posted on 2014-12-28
17
118 Views
Last Modified: 2015-01-23
CAS Proxy how to configure it?
0
Comment
Question by:Exchange_Don
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 3
  • +1
17 Comments
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40520606
what version of exchange?
0
 
LVL 31

Assisted Solution

by:Gareth Gudger
Gareth Gudger earned 200 total points
ID: 40521044
Based on your other question I am assuming this is also Exchange 2013.

Are you referring to a Reverse Proxy to publish CAS services? Or using CAS to proxy mail flow? Or possibly even Outlook Aynwhere?

I am assuming you are referring to a Reverse Proxy.

Most load balancers inherently have some form of reverse proxy in them. Some firewalls as well. You can even look at using ARR on top of IIS from Microsoft. ARR is a free add-in for IIS. All you would need is a Server license.
0
 
LVL 19

Accepted Solution

by:
Adam Farage earned 300 total points
ID: 40521263
If you are looking for a reverse proxy in Exchange 2013, it is not necessarily required. A great post to review would be this from the Exchange product group (http://blogs.technet.com/b/exchange/archive/2013/07/17/life-in-a-post-tmg-world-is-it-as-scary-as-you-think.aspx).

If you are trying to load balance and still want a proxy (that is low cost) you could always go with IIS AAR, and here are some instructions on how this works: http://blogs.technet.com/b/exchange/archive/2013/07/19/reverse-proxy-for-exchange-server-2013-using-iis-arr-part-1.aspx

There are three parts to this, but we can answer questions you may have after reviewing the materials.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:Exchange_Don
ID: 40521394
CAS proxy is a process to make one particular server as internet facing server.
0
 
LVL 19

Expert Comment

by:Adam Farage
ID: 40521786

CAS proxy is a process to make one particular server as internet facing server.

No its not. The only thing you technically need to do to make a CAS internet facing is to allow TCP 25 (SMTP) and TCP 443 (HTTPS) through on the firewall, either through port forwarding or a NAT. A reverse proxy allows for additional security, but as the article above describes you do not need that security unless legal requires you too (such as compliance, HIPPA, ect).

If you want a reverse proxy, I would recommend IIS AAR as pointed out above.

If you want to have load balancing across multiple CAS and allow those to be internet facing, then you should NAT or Port Forward TCP 25 / TCP 443 to the VIP of the load balancer that is supporting the CAS role.
0
 

Author Comment

by:Exchange_Don
ID: 40525676
you all not able to understand what i mean to say, i am having 03 cas servers and i want to make 01 particular server as internet facing server so that all traffic must hit to that particular server in exchange 2013.
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40525682
What is the business goal for this?

If it is to just protect the CAS servers then you should use IIS ARR or a load balancer as Adam and I already mentioned.
0
 

Author Comment

by:Exchange_Don
ID: 40525692
so if i apply cas nlb then will i be able to configure cas proxy.
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40525708
Most load balancers will include some form of reverse proxy. For example a Kemp virtual/hardware load balancer will do reverse proxy. As will IIS ARR.
0
 
LVL 19

Expert Comment

by:Adam Farage
ID: 40525717
, i am having 03 cas servers and i want to make 01 particular server as internet facing server so that all traffic must hit to that particular server in exchange 2013.

Why? If they are in the same exact site, then (apologies if this comes off as rude or harsh) a horrible design choice. If the CAS are all within the same site, use a load balancer to LB the CAS and publish the NAT through the firewall. This will allow high availability in the event one of the CAS does break.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question