Nov 15 2019
06:47 AM
- last edited on
Jan 14 2022
04:36 PM
by
TechCommunityAP
Nov 15 2019
06:47 AM
- last edited on
Jan 14 2022
04:36 PM
by
TechCommunityAP
I have what appears to be a odd scenario. I would like to enable the Exchange Hybrid config, however I don't want to expose my on-prem Exchange servers to the internet. I was thinking I could potentially use the Azure App Proxy to publish URIs like autodiscover.mydomain.com and mail.mydomain.com.
I know Exchange Online needs to access the AutoDiscover URI, but can I use the App Proxy with conditional access to somehow limit access to that URI to only Exchange Online? Is there another Azure product that would do this better? Any and all suggestions welcome.
Nov 15 2019 11:25 AM
Two words for you, "Hybrid agent" 🙂
https://docs.microsoft.com/en-us/exchange/hybrid-deployment/hybrid-agent
Nov 15 2019 01:09 PM
@VasilMichev That's the path I went but I still needed my autodiscover publicly available.
Nov 16 2019 06:07 AM
you can try to allow only microsoft ip ranges https://docs.microsoft.com/de-de/office365/enterprise/urls-and-ip-address-ranges
Nov 17 2019 11:05 AM
Nov 17 2019 11:15 AM
Nov 17 2019 11:54 PM