I have an Exchange 2007 Environment that I am upgrading to Exchange 2010. I have Squid configured as a reverse proxy, and I placed it in front of my Exchange 2007 CAS server. Both servers are located in the same Active Directory site.
Exchange 2010 does not allow OWA proxying to Exchange 2007 servers in the same AD site, and Microsoft requires OWA redirection during the co-existence period (fortunately, this is not the case with ActiveSync). Since I have a very limited pool of public IP addresses (translation: none to spare), and I need to have OWA available for users during the testing phase, I was hoping to configure Squid to act as the reverse proxy for both CAS servers. The issue that I am running into, though, is that when I configure Squid to handle both OWA2007 and OWA2010, it will only serve traffic to the first OWA item listed in the config, and any traffic addressed to the other OWA site gets redirected to the first. If I list owa2010.domain.local as the first item in the config, and I attempt to go to owa2007.domain.local, Squid directs me to the OWA2010 site. Here is a copy of the configuration that I am testing. visible_hostname OWA2010.domain.local extension_methods RPC_IN_DATA RPC_OUT_DATA https_port 443 cert=/usr/local/squid/certs/cert.crt key=/usr/local/squid/certs/cert.nopass.key defaultsite=OWA2010.domain.local cache_peer 192.168.1.254 parent 443 0 no-query originserver login=PASS ssl sslflags=DONT_VERIFY_PEER sslcert=/usr/local/squid/certs/exchange.crt sslkey=/usr/local/squid/certs/nopassexchange.key name=owa2010 acl OWA dstdomain OWA2010.domain.local cache_peer_access owa2010 allow OWA never_direct allow OWA http_access allow OWA miss_access allow OWA visible_hostname OWA2007.domain.local extension_methods RPC_IN_DATA RPC_OUT_DATA https_port 443 cert=/usr/local/squid/certs/cert2.crt key=/usr/local/squid/certs/webmail2nopass.key defaultsite=OWA2007.domain.local cache_peer 192.168.1.1 parent 443 0 no-query originserver login=PASS ssl sslflags=DONT_VERIFY_PEER sslcert=/usr/local/squid/certs/exchange.crt sslkey=/usr/local/squid/certs/nopassexchange.key name=owa2007 acl OWA2 dstdomain OWA2007.domain.local cache_peer_access owa2007 allow OWA2 never_direct allow OWA2 http_access allow OWA2 miss_access allow OWA2 I'm not sure what I need to change to make Squid work as a reverse proxy for two OWA servers. Can anyone help me find what I'm doing wrong? I also have this question cross-posted on ServerFault at http://serverfault.com/q/336913/91254
