Overview
Robert's Rules of Exchange is a series of blog posts in which we take a fictitious company, describe their existing Exchange implementation, and then walk you through the design, ins...
Published Nov 23, 2010
Version 1.0
Blog Post
If you have the capability to also include SSL offloading in your configuration I think it would be very much apprecited.
A quick note about namespace planning for those who are not split-DNS:
If your CAS array will be load balanced and you don't want cas server names in the certificate and you want to prevent certificate mismatch with internal autodiscover - you need to define the internal namspace just like you would external and include those NLB names in your certificate and update the InternalURLs on each CAS server (including the Autodiscover virtual directory and SCP for Active Directory).
If you have 2 sites you will need at minimum 5 SAN names:
mail.externaldomain.com
mail2.externaldomain.com
autodiscover.domain.com
mail.internaldomain.us
mail2.internaldomain.us
A quick note about namespace planning for those who are not split-DNS:
If your CAS array will be load balanced and you don't want cas server names in the certificate and you want to prevent certificate mismatch with internal autodiscover - you need to define the internal namspace just like you would external and include those NLB names in your certificate and update the InternalURLs on each CAS server (including the Autodiscover virtual directory and SCP for Active Directory).
If you have 2 sites you will need at minimum 5 SAN names:
mail.externaldomain.com
mail2.externaldomain.com
autodiscover.domain.com
mail.internaldomain.us
mail2.internaldomain.us