Forum Discussion
pazzoide76
Sep 13, 2023Brass Contributor
Migration to new exchange server 2016 with sophos web proxy
HI,
I currently have one of my customers who has an Exchange Server 2016 installed on Windows 2012 R2.
Since support for Windows 2012 R2 ends at the end of the year, my customer wants to migrate Exchange Server 2016 to Windows Server 2016.
So a windows 2016 server will be installed on which exchange 2016 will be installed and then everything will be migrated to this new machine.
My doubt is that currently the exchange services are published via sophos reverse proxy with this configuration https://support.sophos.com/support/s/article/KB-000040209?language=en_US
No third-party certificate is loaded on the current exchange server as the certificate has been uploaded to Sophos.
At the virtual directories level the names point to the reverse proxy (except for autodiscover) and are:
Owa
https://webmail.pippo.it /owa
Ecp
https://webmail.pippo.it /ecp
Ews
https://webmail.pippo.it /EWS/Exchange.asmx
Mapi
https://webmail.pippo.it /mapi
ActiveSync
https://webmail.pippo.it /Microsoft-Server-ActiveSync
Oab
https://webmail.pippo.it /OAB
Powershell
http://webmail.pippo.it /powershell
Autodiscover
https://sever.ad.pippo.it /Autodiscover/Autodiscover.xml
Since I have never done migrations to exchanges where there were reverse proxies, I wanted to understand how to do the migration.
Usually the first thing you do when migrating an exchange is to set the name of the virtual directories the same as the existing server and upload the certificate.
In this case, since the name of the autodiscover is the default one and the certificate used is the native one and not a third-party one, what should I do?
Thank you
Greetings
- Dan_SnapeSteel ContributorI've never done this so I can only guess that you build the server and configure it the same as the existing one and it's in Sophos that you make all the changes. Just be mindful of the virtual directory configuration (ie SSL offloading etc). You'll need PowerShell to get a lot of that information. I would question you putting in Server 2016 and Exchange 2016 where mainstream support has ended already for both of them. I'd go for the latest version of the OS and Exchange. There's not a lot of difference going Exchange Server 2019
- pazzoide76Brass Contributor
Thanks for the reply.
My customer does not install Exchange 2019 because it requires 128 GB of RAM and would need to upgrade the entire VMware cluster.
it is true that mainstream support has ended but extended support lasts until October 2025 for the exchange and for windows 2016 it lasts until January 2027.
So both products will still receive security patches.
Also next year my customer will migrate to o365.
For the topic of migration with the reverse proxy I will try to set up a laboratory to simulate the migration.Greetings