Exchange Server 2007 CAS-CAS Proxying Guidelines..

Hello Folks,


I’ve seen a lot of posts about CAS-CAS Proxying in Exchange Server 2007. Then, I will go over some key points that we must not forget when we are deploying this kind of solution. These points can be seen below:




  • 1 CAS Server in each site that has a MAILBOX server


  • Only in the CAS which will be published on the internet you must set up the externalURL attribute with your external name


  • All other “child” CAS servers must be set up with Integrated Authentication insted of forms authentication


  • ExternalURL in the child sites must be empty
    Set-OwaVirtualDirectory <owa> -ExternalURL:$null
    Ps.: If you enableExternalURL in child CAS Servers, then you will have Redirection feature not Proxy.


  • Make sure that you internalURL is appropriate. By default is the name of server, make sure that it makes sense (I wrote this one, because I saw a customer using external address into the internal address [:D]) 


  • make sure that RedirectToOptimalOWAServer is set to $True, you can use the following cmdlet: set-owavirtualdirectory “owa (default web site)” -RedirectToOptimalOWAServer $true


  • The same for Exchange Server 2003 back-end servers you must not enable forms authentication


  • If you are using ISA Server to publish the CAS Server (recommended) you must disable Forms in the “parent” CAS server, ISA server will take care of the Forms


  • Give some time for Active Directory Replication

Built in tools to help you in this kind of scenario:



  • IIS logs are your friend, you can validate by them if everything is going well

  • You can also validated using OWA session on the About section you can see if CAS Proxy-to-Proxy is working as well

I hope that it can help you in your CAS-CAS Proxying deployment.


Best Regards,
Anderson Patricio

4 thoughts on “Exchange Server 2007 CAS-CAS Proxying Guidelines..

  1. Is there a method for forwarding requests to the correct CAS server (if both CASs are published to the Internet)?

  2. Hello Tom Thrush,

    How are you? Actually you don’t need that, because both of them will be in the same AD Site that the mailbox server. It doesn’t matter which one will get your request.

    If you have multiple points of the internet, you can use redirect to point the user to the right server.

    Please, let me know if you have any question.

    Best Regards,
    Anderson Patricio.

  3. Hi Anderson,

    I was reading your blogpost and technet.microsoft.com/…/bb310763.aspx and was left with some questions:

    Is there any way of simulating the old Exchange 2003 functionality of having each CAS redirect to the CAS in site holding the mailbox?

    We have a large Exchange organisation spanning globally across 4 domains and douzens of sites holding Exchange servers. We would like to have a single accesspoint to OWA in each domain which would redirect OR proxy to the appropiate CAS. Any way of accomplishing this?

    Also if I understand correctly having the ExternalURL set on a CAS enables redirection between CAS’s that have that ExternalURL set.. Proxying will occur only between a CAS that has the ExternalURL set and a CAS that has only the InternalURL.

    So..building on this… would enabling the ExternalURL on all CAS’s simulate the Exchange 2003 functionality?

    Also… Will proxying occur accross domains? And, will redirection only occur to a CAS that is in the site that contains the mailbox or will it also redirect to the closest CAS with the ExternalURL set and from there proxy to the CAS with the mailbox??

    Thanks in advance!

Leave a Reply

Your email address will not be published. Required fields are marked *