Proxying CAS HTTP Cross Forest availability requests

Some of you may want to configure Cross Forest availability with your CAS Servers, but don't necessarily want to open additional paths through your firewalls or networks for the CAS Servers to be able to talk directly with one another.

 

In this case, if you have an HTTP Web Proxy (obviously we like to use ISA Server), you can configure the CAS Server to use this to proxy it's SOAP requests for Free Busy and Autodiscover to the other forest.

 

Locate the following folders (actual path may vary if you changed the default install path of Exchange):

 

..\Program Files\Microsoft\Exchange Server\ClientAccess\exchweb\ews

..\Program Files\Microsoft\Exchange Server\ClientAccess\Autodiscover

 

You will find a web.config file in each of these, to which you will need to add the following section (to clarify, it is best placed directly after /<system.web>):

 

    <system.net>
        <defaultProxy>
            <proxy
                usesystemdefault = "false"
                proxyaddress = "https://proxyserver/"
                bypassonlocal = "true"
            />
            <bypasslist>
                <add address="https://[a-z]+/.contoso/.com$" />
            </bypasslist>
        </defaultProxy>
    </system.net>

 

For more information, check out the following MSDN article: https://msdn.microsoft.com/en-us/library/5w91x7a7.aspx

 

Important parameters are:

 

Usesystemdefault -> set to false to be able to specify our own proxy settings

Proxyaddress -> Your HTTP Proxy (ISA Server)

Bypassonlocal -> This setting is important if you have more than 1 CAS Server internally, and if your Proxy Server can not proxy internal HTTP requests.

Bypasslist -> The list of addresses which should be bypassed as local addresses.

 

Following the changes in the web.config files, you should perform an IISRESET.

 

You CAS Server will now use your HTTP Proxy for HTTP requests such as Cross Forest Free busy lookups, Cross Forest Autodiscover etc.

If you did not configure bypass lists, it will be using the HTTP Proxy for all requests.

 

Please note that this is only for HTTPWebRequests (https://msdn.microsoft.com/en-us/library/system.net.httpwebrequest.aspx) that the CAS Server initiates (such as those SOAP Free Busy requests to other servers) rather than responses to OWA Clients.