Hi List, I am going to be installing an New Exchange CAS Array shortly and was wondering if anyone had any real world experience of a setup similar to whats proposed.
Exchange 2010 4 x CAS/HT Servers 4 x MBX Server 2 x F5 Big IP load balancers internal on the LAN. 2 x UAG servers in an array in the DMZ 2 x F5 Big IP Load Balancses in the DMZ. We are planning on setting up the CAS/HT Servers as one CAS Array. the MBX servers as a DAG with 4 Databases and 4 copies of each (each server with a copy of each DB) Utilising the F5 to load balance all Client connections from the LAN. The UAG Array to publish OWA Active Sync Outlook anywhere And the F5s in the DMZ to load balance the Wan connections to the UAG Array. this all seems good My quesiton comes on the SSL side. F5 install guides talk about offloading the SSL to them, and then passing unencrypted traffic to the CAS I think this would be a option, or just load balancing as Encrypted SSL streams and passing this through to the CAS for it to do the SSL. so I would think the flow would be SSL - F5 (DMZ) - SSL UAG - SSL - F5 (LAN) - SSL CAS And if this is the flow my question is wehere would be put the SSL certs and what would the Cert need? Alternatively if we were to offload the SSL processing woudl that be done on the F5 in the DMZ or the LAN one? and again where and what sort of certs would we need. I have sent the question to the F5 Techincal lead on the job and will see what we get from them but I was hoping someone would have real world experience. Thanks Graeme -- Good news everyone, you have just received an e-mail from me! --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
