Exchange 2003 coexisting with Exchange 2010 - legacy.domain.com - where should this point to ?


Anand_N

Exchange 2003 is co-existing with Exchange 2010:

I've created a DNS host record legacy.domain.com in the internal DNS server that points to the IP address of my Exchange 2003 front-end server. And in the external DNS server I created a DNS record for legacy.domain.com to point to the public IP address on our firewall.

In the internal DNS server, I configured the original host name mail.domain.com (that is on the Exchange 2003 FE certificate) to point to the IP address of the 2010 Client Access server. And in the external DNS server, the existing mail.domain.com record continues to point to the public IP address of the firewall.

On my firewall, HTTPS traffic is set to be forwarded to the internal IP of the Exchange 2010 server and no longer to the Exchange 2003 server.

So when the remote user that has an Exchange 2003 mailbox accesses https://mail.domain.com/owa, Exchange 2010 CAS presents them with a link to https://legacy.domain.com/exchange. Problem is, since legacy.domain.com points to the same public IP as mail.domain.com, when the user clicks on the redirection link https://legacy.domain.com/exchange, will this create a loop? I.e. they will go back to the Exchange 2010 CAS machine and be redirected again?
 

Amit Tank [MVP]

I think you don't have to define the legacy URL in public DNS. When somebody with an E2k3 mailbox tries to access the mailbox with the mail.domain.com/owa address, Exchange 2010 will redirect the request to the E2k3 mailbox server based on the Exchange2003URL parameter. The article below gives you more details...

Upgrading Outlook Web App to Exchange 2010

http://msexchangeteam.com/archive/2009/12/02/453367.aspx

Amit Tank
MVP: Exchange Server | MCTS: Microsoft Exchange Server 2010, Configuration | MCITP: EMA | MCSA: M
Blog: http://ExchangeShare.WordPress.com | User Group: http:/MUC-UG.org.in
 

Anand_N

The problem, however, is that Exchange 2010 presents the user with a hyperlink to legacy.domain.com/exchange. The user's computer then tries to resolve this name legacy.domain.com. Then I suppose I would need a public DNS entry for legacy.domain.com, else the user's computer will not be able to resolve legacy.domain.com and he would get a "page cannot be displayed" error.
 

Elie Bou Issa



It is not the user that needs to resolve the legacy URL; instead it is Exch2k10 who will redirect the request to the legacy URL.

As Amit said, there's no need to have a public DNS for the legacy URL.

Can you elaborate more on what you mean by "exchange 2010 presents the user with a hyperlink to legacy.domain.com/exchange"?
Elie B. MCITP: EMEA|EA|SA Blog: http://blog.elieb.info
 

Brian Day MCITP [MVP]



> It is not the user that needs to resolve the legacy URL, instead it is Exch2k10 who will redirect the request to the legacy URL
>
> As Amit said, there's no need to have a public DNS for the legacy URL


Why wouldn't there be a need for an external DNS entry? The user's browser is redirected via single-sign-on to the legacy URL. If you look at the address bar in the browser the URL does in fact change to the legacy one. If the user cannot resolve the URL, how will he ever get to the site?

For the OP, you're going to have to either create a second ISA listener for the legacy URL with a new IP, or use host headers so ISA can distinguish what you are trying to get to if you don't want to use a new IP (I'd use a new IP, but that is just me).

Brian Day, Overall Exchange & AD Geek
MCSA 2000/2003, CCNA
MCTS: Microsoft Exchange Server 2010 Configuration
LMNOP
 

Scott Feltmann



Quite an interesting discussion. I would have to side with Brian. While a redirection will point the external user to another URL, the external user would still need to resolve the proper IP to establish the connection. For example, in the event of using ISA you technically need to have two rules set up, one for mail.domain.com and one for legacy.domain.com. When a user connects to mail.domain.com and the user's mailbox resides on an older version of Exchange, the proxy will point them to the legacy URL. The user is then transferred to the other CAS/FE server by establishing a new connection. Depending on how authentication is set up, it should be seamless. Keep in mind though that the user is still connecting from the internet to the new URL that the 2010 server pushed it toward.

At least that's the way I understand it.....

So, as it would relate to this topic and you're using a FW and not ISA you would need to have a second external IP address configured to point to the legacy url.

Or you could use ISA and create a web listener and have authentication at the ISA server. You could point both urls to the ISA box and the ISA box would direct the traffic to the proper server.
SF - MCITP:EMA, MCTS: Exchange 2010, Exchange 2007, MOSS 2007, OCS 2007 -- http://www.scottfeltmann.com
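
The outcomes argued over in the posts above, as an added example that is not part of any post: a small Python model of where a browser with an Exchange 2003 mailbox ends up under each external DNS and publishing layout. The IP addresses, backend labels and rule tables are constructed, and the model assumes the 2010 CAS answers every request from such a user with a redirect to the legacy host.

```python
# Toy model of the OWA redirect path debated in this thread (added example).
# IPs, backend names and rule tables are constructed; nothing is queried live.
PRIMARY, LEGACY = "mail.domain.com", "legacy.domain.com"
CAS2010, FE2003 = "ex2010-cas", "ex2003-fe"   # hypothetical backend labels

def backend_for(host, public_dns, publishing):
    """Resolve host in external DNS, then apply the edge device's rules."""
    ip = public_dns.get(host)
    if ip is None:
        return None                      # browser cannot resolve the name
    rules = publishing.get(ip, {})
    # A host-header rule wins; "*" models a plain HTTPS port forward.
    return rules.get(host, rules.get("*"))

def trace_2003_user(public_dns, publishing, max_hops=5):
    """Follow a browser whose mailbox is on Exchange 2003, starting at PRIMARY."""
    host, path = PRIMARY, []
    for _ in range(max_hops):
        backend = backend_for(host, public_dns, publishing)
        if backend is None:
            return "unresolvable", path + [(host, None)]
        if (host, backend) in path:
            return "loop", path          # same host reached the same server twice
        path.append((host, backend))
        if backend == FE2003:
            return "ok", path
        host = LEGACY                    # assumption: CAS 2010 always redirects here
    return "loop", path

ONE_IP, SECOND_IP = "203.0.113.10", "203.0.113.11"   # documentation-range addresses
SCENARIOS = {
    "one IP, port forward": ({PRIMARY: ONE_IP, LEGACY: ONE_IP}, {ONE_IP: {"*": CAS2010}}),
    "no public legacy record": ({PRIMARY: ONE_IP}, {ONE_IP: {"*": CAS2010}}),
    "second public IP": ({PRIMARY: ONE_IP, LEGACY: SECOND_IP},
                         {ONE_IP: {"*": CAS2010}, SECOND_IP: {"*": FE2003}}),
    "one IP, host-header rules": ({PRIMARY: ONE_IP, LEGACY: ONE_IP},
                                  {ONE_IP: {PRIMARY: CAS2010, LEGACY: FE2003}}),
}

def run_all():
    """Return the outcome string for every constructed layout."""
    return {name: trace_2003_user(dns, pub)[0] for name, (dns, pub) in SCENARIOS.items()}

if __name__ == "__main__":
    for name, outcome in run_all().items():
        print(f"{name:28} -> {outcome}")
```
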
 

Anand_N



Yes, I was thinking I needed to purchase a second public IP and associate that with legacy.domain.com in external DNS. The firewall forwards all HTTPS traffic on that public interface to the internal IP of the legacy Exchange 2003. But the firewall I am using is in fact ISA Server, so it would be less costly for me to just create another web listener specifically for legacy.contoso.com which will forward to the legacy Exchange 2003. Is that a possible configuration?
 

Amit Tank [MVP]



> Why wouldn't there be a need for an external DNS entry?

I thought it is transparent from outside. This is a good transition point to keep in mind. Thanks Brian. :)

Amit Tank
MVP: Exchange Server | MCTS: Microsoft Exchange Server 2010, Configuration | MCITP: EMA | MCSA: M
Blog: http://ExchangeShare.WordPress.com | User Group: http:/MUC-UG.org.in
 