Exchange 2010 - Outlook 2010 enabling CONNECT OVER HTTP by default at remote site


I have an Exchange 2010 system installed at a client site, and there are (2) Active Directory sites configured.  The sites are configured as separate sites in Active Directory, with each site having a DC/GC, and each site having it's own separate CAS server and DATABASE server for Exchange:




Exchange works and connects for all users in all sites automatically, no configuration necessary.  Autoconfigure does its thing...but I notice that all of the Outlook 2010 clients in the FL site are defaulting to "CONNECT TO EXCHANGE OVER HTTP"...we noticed this on an EXTREMELY LARGE MAILBOX USER because their mailbox was running more slowly than you would think....we investigated and shows that FOR CAS calls, ALL calls were going to the PUBLIC IP ADDRESS of the CAS, and the CAS was then making calls back over the VPN to the database server in the FL site.  

If we UNCHECK "CONNECT OVER HTTP..." it speeds things up AMAZINGLY!  However, the next time that I close and restart Outlook, the checkmark is back and it's connecting over OUTLOOK ANYWHERE again.

How can I change this in the remote site?  The main site is fine.
Thank you!
Who is Participating?
Simon Butler (Sembee)ConsultantCommented:
The behaviour you are seeing is by design. If Outlook Anywhere is enabled, then it goes to all clients. You cannot change that behaviour, as you have seen it is overridden by Autodiscover.

Your fix isn't viable, therefore you need to look at why it is using Outlook Anywhere.

Outlook Anywhere works in a failover mechanism. It initially attempts to connect to the server using TCP/IP connections, if that fails, it will then attempt to use Outlook Anywhere. Thus you need to look at whether there is something blocking the connection. Perhaps your Exchange server address or Autodiscover address isn't resolving or you cannot connect to the server correctly?

Another thing you can try is setup a split DNS, so that your external host name resolves internally to the internal IP address of the Exchange server. While not resolving the underlying problem it would ensure that the traffic stays inside the network.

Satyendra SharmaMicrosoft UC Technical ArchitectCommented:
So if i understand your scenario correctly NYC is your internet facing Exchange site?
And NYC is configured to proxy to FL over your site to site vpn?

Do all the clients in the FL site connect over HTTP or only this particular one?
Any GPO setting pushed for Outlook clients in the environment specifically related to outlook anywhere settings?
jkeegan123Author Commented:
@Sharma:  Yes ALL FL users are doing this.
@Simon:  I am aware of everything that you said and after posting, I got to the configurations and ... let's just say it was messy to be nice.  

I ended up setting up SPLIT DNS because autodiscover was pointing to the internet record and the internet zone was NOT an internal split zone, I ended up having to create that.  Once I created that, created an "A" record for each physical site and their corresponding CAS and exported the certs to match (AMAZINGLY all of this was wrong but the certificates SAN's were correct...) and everything was shiny happy.

Points to Simon since that is what ended up resolving it.  Thanks!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.