Forum Discussion
geek2point0
Nov 15, 2019Brass Contributor
App Proxy and Exchange Hybrid
I have what appears to be a odd scenario. I would like to enable the Exchange Hybrid config, however I don't want to expose my on-prem Exchange servers to the internet. I was thinking I could potenti...
VasilMichev
MVP
Two words for you, "Hybrid agent" 🙂
https://docs.microsoft.com/en-us/exchange/hybrid-deployment/hybrid-agent
geek2point0
Nov 15, 2019Brass Contributor
VasilMichev That's the path I went but I still needed my autodiscover publicly available.
- TommekNov 16, 2019Brass Contributor
you can try to allow only microsoft ip ranges https://docs.microsoft.com/de-de/office365/enterprise/urls-and-ip-address-ranges
- Michael ObernbergerNov 17, 2019Brass ContributorHi,
you don't need to publish Autodiscover if you are using the Hybrid Agent. Or why do you want to publish it?
All Free/Busy requests will traverse over the Hybrid Agent.
Michael- geek2point0Nov 17, 2019Brass ContributorRunning through the hybrid configuration wizard I kept getting an error that my autodiscover url wasn’t reachable. It is listed in the requirements on docs.microsoft.com that autodiscover be reachable as well. https://docs.microsoft.com/en-us/Exchange/hybrid-deployment-prerequisites And isn’t autodiscover discover required if I want ActiveSync to work for mailboxes I migrate to EOL?
- Michael ObernbergerNov 18, 2019Brass ContributorFor the HCW your Autodiscover URL should be reachable internally or you could ignore this error, because the TargetSharingEPR should be set correct by the HCW.
Yes Autodiscover is required for new mailboxes but if you lock it down to Exchange Online IPs it will not work for your mobile phones, because there are coming from different IPs. So if you want to have Autodiscover working you have to publish without any specific IP blocking rules.