jskfan

asked on

Exchange 2013 CAS Array


If I understand, users from inside the network and outside the network, when they connect to their mailboxes in Exchange server, should go through one of the CAS servers.
Multiple CAS servers are set up as an array, a virtual IP address should be assigned to the array, and a DNS record should be created for the CAS array.

OK, now how do you create the CAS array for internal/external users?

Thank you
SOLUTION
Scott C

This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
jskfan

ASKER

OK, so if I understood the content of the article:

- Configure Outlook Anywhere on each CAS server to point to mail.exchange2013demo.com
- Add mail.exchange2013demo.com to DNS

When a user opens Outlook, does it look for mail.exchange2013demo.com, which in turn sends Outlook to a less busy CAS server?

Yes, but if you want to balance it more, you would need to implement a hardware LB.
Just make sure all the servers have the Client Access role installed.
jskfan

ASKER

For users coming from outside, how do they get to their mailboxes?
mail.exchange2013demo.com will have a public IP address on the public DNS.

For OWA? They would go to mail.exchange2013demo.com/owa to get it. For using Outlook or phones, you will need to have Autodiscover set up correctly. This is assuming you have all the prerequisites taken care of already: users have access to your mail servers via HTTPS, you have a certificate with the names autodiscover.exchange2013demo.com and mail.exchange2013demo.com on it, and your users all have mail addresses of @exchange2013demo.com. There are many good setup articles out there you can use.
jskfan

ASKER

Can you please describe the path that an external user takes to get to their email from outside?

For instance:
mail.exchange2013demo.com is registered with the ISP.
The user will type in the browser: mail.exchange2013demo.com
The public IP associated with mail.exchange2013demo.com should be the external interface of the firewall.
The firewall will know that it is SMTP traffic and will route the traffic to the load balancer for the CAS servers.
etc....
etc....
until the user gets to their mailbox.

A process flow like that might help.

I have seen some process flow diagrams online, but they are not clear.

OK, this all assumes the following.
1. Your public IP is configured correctly on your firewall and has TCP port 443 forwarded to your Load Balancer VIP for the CAS traffic
2. You have DNS configured correctly with an A record for Mail and an A record for Autodiscover
3. Given the above information, you have configured IIS redirect on the root website to redirect requests to https://mail.exchange2013demo.com/owa
4. You have certificates installed with the name mail.exchange2013demo.com and the SAN autodiscover.exchange2013demo.com
5. Your users use the mail domain @exchange2013demo.com

For OWA, the user types https://mail.exchange2013demo.com in the browser. This is resolved to the proper IP and the traffic is directed to the Load Balancer VIP. Depending on your type of load balancer, the traffic will be directed to one of the CAS servers. The site there will return a redirect to the /owa virtual directory and prompt the user to log in. They now get their mail. The CAS server just proxies the connection to the mail server with the active database if you have a DAG.

For Outlook (Outlook Anywhere), Outlook will resolve the DNS name autodiscover.exchange2013demo.com and use this to contact the CAS array. The actual path is the same. It will use the settings downloaded from the Autodiscover virtual directory to configure it.

Sorry if this seems to be over-explaining things, but I am not sure how familiar you are with Exchange planning.
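Added example (not part of the original answer, and not Exchange tooling): a Python check for the certificate prerequisite in the list above. It reports which of the two published names are not covered by the certificate's subjectAltName entries, since current TLS clients match hostnames against the SAN list and do not fall back to the subject CN when a SAN list is present. The helper names and the three sample certificates are constructed for illustration.

```python
import socket
import ssl

# Names from the thread that clients connect to over HTTPS.
REQUIRED = ("mail.exchange2013demo.com", "autodiscover.exchange2013demo.com")

def san_dns_names(cert):
    """Return the DNS entries of subjectAltName from an ssl.getpeercert() dict."""
    return [v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"]

def covers(pattern, host):
    """True if one SAN entry matches host; '*' may stand for the left-most label only."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    return len(p) == len(h) and p[0] in ("*", h[0]) and p[1:] == h[1:]

def missing_names(cert, required=REQUIRED):
    """Required hostnames that no SAN entry covers (the subject CN is not consulted)."""
    sans = san_dns_names(cert)
    return [h for h in required if not any(covers(s, h) for s in sans)]

def fetch_cert(host, port=443, timeout=5):
    """Live use only: return the validated certificate presented by host:port.
    Raises ssl.SSLCertVerificationError if the chain or hostname does not validate."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

# Constructed sample certificates in getpeercert() format, not real ones.
CN_ONLY_MAIL = {  # mail name only in the subject CN, autodiscover in the SAN
    "subject": ((("commonName", "mail.exchange2013demo.com"),),),
    "subjectAltName": (("DNS", "autodiscover.exchange2013demo.com"),),
}
BOTH_IN_SAN = {
    "subject": ((("commonName", "mail.exchange2013demo.com"),),),
    "subjectAltName": (("DNS", "mail.exchange2013demo.com"),
                       ("DNS", "autodiscover.exchange2013demo.com")),
}
WILDCARD = {
    "subject": ((("commonName", "*.exchange2013demo.com"),),),
    "subjectAltName": (("DNS", "*.exchange2013demo.com"),),
}

if __name__ == "__main__":
    for label, cert in (("CN only", CN_ONLY_MAIL), ("both in SAN", BOTH_IN_SAN),
                        ("wildcard", WILDCARD)):
        print(label, "-> missing:", missing_names(cert) or "none")
```

Against a live deployment, `missing_names(fetch_cert("mail.exchange2013demo.com"))` shows whether the certificate served on the VIP also covers the Autodiscover name.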
jskfan

ASKER

OK, quick questions:

1 - How does the firewall know that this email traffic needs to be forwarded to the Load Balancer VIP? Because it is SMTP?

2 - At the registrar (ISP) we will have 2 DNS records:
mail.exchange2013demo.com (for OWA)
autodiscover.exchange2013demo.com (for Outlook Anywhere)

Correct?

Probably internal DNS will also have the same DNS records. Correct?

3 - In your statement "The site there will return a redirect to the /owa virtual directory and prompts the user to login.", the redirect will be within the CAS server?

4 - You stated users will hit the load balancer through the firewall. If I understand, the load balancer will have an internal IP NATed by the firewall. Correct?


Thank you for your time
ASKER CERTIFIED SOLUTION
jskfan

ASKER

Thank you for your help