I have Exchange 2013 All the roles in one server 2012R2. CAS part on this server is not available from the WAN, we must VPN to use it.
We are in need of having ActiveSync withour VPN. So Adding a CAS role make sense and NAT that for the WAN access.
What I need to know is, should CAS be on DMZ, or on LAN? MS said DMZ not supported ... I have no need for L4 LoadBalancer as I have one server, so pointless to balance 1 server.
1 How to deploy Active Sync without LB and not directly on the LAN?
2 What's the proper deployment step in this scenario. Do I have to remove CAS role from the "All In One" box ?