Solved: Vault Proxy question

Carl_Swanson · ‎02-26-2013

We upgraded to exchange 2010 back in June of 2012 and we've had to tell people to VPN in first before opening outlook to retrieve their vaulted message but now we've finally upgraded EV from 9.02 32 bit to 10.3 64 bit server and want to take care of the proxy as well. We we're going to open it up using a cert/SSL and a proxy name of vault.companyname.com . Will be using our load balancer with external IP to pass the request to internal vault server. We've done that will several items already so we know that will work. My question is on the vault server will I need to do a redirect on the root website to vault.companyname.com/Enterprisevault ? and when I do that what folders under default website will need the SSL checked, etc, etc.

-Thanks

Carl Swanson

Regal

JesusWept3 · ‎02-26-2013

Well really it would just be the /EnterpriseVault/ directory
unless you want to have remote access to EVOM (/MonitoringWebApp/) etc

But yeah, typically you would just publish
https://evServer.internal.com/EnterpriseVault/ .> https://mail.myCompany.com/EnterpriseVault/

Then you would set your RPC over HTTP URL through the Exchange Mailbox Policies to go to https://mail.myCompany.com/EnterpriseVault/

Also make sure that you have the policy set to try the internal server first, because if you have Outlook 2007+, they all switch to Outlook Anywhere mode if they detect a slow connection at any point, and when that happens, EV detects this as RPC over HTTP (because essentially, it is) and will then start using the RPC over HTTP URL that you set.

So internally you still want it to go to https://evServer.internal.com/EnterpriseVault/ and not going outside the network just to come back inside the network

and then if you use OWA, you would want to update EnterpriseVault_ExternalWebAppURL option in the web.config files so that it uses the https://mail.myCompany.com/EnterpriseVault/ URL when people attempt to access Archive Explorer and Browser search correctly

https://www.linkedin.com/in/alex-allen-turl-07370146

View solution in original post

JesusWept3 · ‎02-26-2013

Well really it would just be the /EnterpriseVault/ directory
unless you want to have remote access to EVOM (/MonitoringWebApp/) etc

But yeah, typically you would just publish
https://evServer.internal.com/EnterpriseVault/ .> https://mail.myCompany.com/EnterpriseVault/

Then you would set your RPC over HTTP URL through the Exchange Mailbox Policies to go to https://mail.myCompany.com/EnterpriseVault/

Also make sure that you have the policy set to try the internal server first, because if you have Outlook 2007+, they all switch to Outlook Anywhere mode if they detect a slow connection at any point, and when that happens, EV detects this as RPC over HTTP (because essentially, it is) and will then start using the RPC over HTTP URL that you set.

So internally you still want it to go to https://evServer.internal.com/EnterpriseVault/ and not going outside the network just to come back inside the network

and then if you use OWA, you would want to update EnterpriseVault_ExternalWebAppURL option in the web.config files so that it uses the https://mail.myCompany.com/EnterpriseVault/ URL when people attempt to access Archive Explorer and Browser search correctly

https://www.linkedin.com/in/alex-allen-turl-07370146

Carl_Swanson · ‎02-26-2013

Thanks

We're using checkpoint and according to our Network/Firewall person checkpoint can publish it but the way things are done here that would mean breaking open the SSL packet and a whole bunch of other stuff.

We would not be piggy backing on our owa address which is webmail.company.com we would be using one specifc for EV.

JesusWept3 · ‎02-26-2013

fair enough, itd be the same procedure, just different URL

https://www.linkedin.com/in/alex-allen-turl-07370146

VOX

Vault Proxy question