CAS Proxy

CAS Proxy how to configure it?
Exchange_DonAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Seth SimmonsSr. Systems AdministratorCommented:
what version of exchange?
0
Gareth GudgerCommented:
Based on your other question I am assuming this is also Exchange 2013.

Are you referring to a Reverse Proxy to publish CAS services? Or using CAS to proxy mail flow? Or possibly even Outlook Aynwhere?

I am assuming you are referring to a Reverse Proxy.

Most load balancers inherently have some form of reverse proxy in them. Some firewalls as well. You can even look at using ARR on top of IIS from Microsoft. ARR is a free add-in for IIS. All you would need is a Server license.
0
Adam FarageSr. Enterprise ArchitectCommented:
If you are looking for a reverse proxy in Exchange 2013, it is not necessarily required. A great post to review would be this from the Exchange product group (http://blogs.technet.com/b/exchange/archive/2013/07/17/life-in-a-post-tmg-world-is-it-as-scary-as-you-think.aspx).

If you are trying to load balance and still want a proxy (that is low cost) you could always go with IIS AAR, and here are some instructions on how this works: http://blogs.technet.com/b/exchange/archive/2013/07/19/reverse-proxy-for-exchange-server-2013-using-iis-arr-part-1.aspx

There are three parts to this, but we can answer questions you may have after reviewing the materials.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Exchange_DonAuthor Commented:
CAS proxy is a process to make one particular server as internet facing server.
0
Adam FarageSr. Enterprise ArchitectCommented:

CAS proxy is a process to make one particular server as internet facing server.

No its not. The only thing you technically need to do to make a CAS internet facing is to allow TCP 25 (SMTP) and TCP 443 (HTTPS) through on the firewall, either through port forwarding or a NAT. A reverse proxy allows for additional security, but as the article above describes you do not need that security unless legal requires you too (such as compliance, HIPPA, ect).

If you want a reverse proxy, I would recommend IIS AAR as pointed out above.

If you want to have load balancing across multiple CAS and allow those to be internet facing, then you should NAT or Port Forward TCP 25 / TCP 443 to the VIP of the load balancer that is supporting the CAS role.
0
Exchange_DonAuthor Commented:
you all not able to understand what i mean to say, i am having 03 cas servers and i want to make 01 particular server as internet facing server so that all traffic must hit to that particular server in exchange 2013.
0
Gareth GudgerCommented:
What is the business goal for this?

If it is to just protect the CAS servers then you should use IIS ARR or a load balancer as Adam and I already mentioned.
0
Exchange_DonAuthor Commented:
so if i apply cas nlb then will i be able to configure cas proxy.
0
Gareth GudgerCommented:
Most load balancers will include some form of reverse proxy. For example a Kemp virtual/hardware load balancer will do reverse proxy. As will IIS ARR.
0
Adam FarageSr. Enterprise ArchitectCommented:
, i am having 03 cas servers and i want to make 01 particular server as internet facing server so that all traffic must hit to that particular server in exchange 2013.

Why? If they are in the same exact site, then (apologies if this comes off as rude or harsh) a horrible design choice. If the CAS are all within the same site, use a load balancer to LB the CAS and publish the NAT through the firewall. This will allow high availability in the event one of the CAS does break.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.