Configuring Exchange Web Services for Proxy Requests (Exchange Web Services)

Topic Last Modified: 2007-11-01

Microsoft Exchange Server 2007 Service Pack 1 (SP1) introduces the Web Service HTTP Proxy. This feature is implemented on a computer that is running Exchange 2007 that has the Client Access server role installed. It is used to proxy mailbox servicing requests to the appropriate Client Access server. Proxy requests occur when clients use a Client Access server that is not in the same site as their mailbox.


To optimize network traffic, do not use Exchange Web Services HTTP Proxy for intranet requests. Use the Autodiscover service to configure clients to use the appropriate Client Access server so that requests are not unnecessarily passed through a proxy Client Access server. Do not use the Exchange Web Services HTTP Proxy feature to replace Autodiscover queries. For information about the Autodiscover service, see Autodiscover Service Architecture.

The Exchange Web Services HTTP Proxy feature enables clients on the Internet to efficiently access a mailbox that is in a site that does not have an Internet-facing Client access server. The Exchange Web Services HTTP Proxy feature passes requests to the appropriate Client Access server, in this case an internal-facing Client Access server. This feature is also useful when mailboxes are moved and are still serviced by the original Client Access server. The client can still be serviced by a Client Access server by the proxy feature until the client configuration has been updated to point to the appropriate new Client Access server.


Requests that span multiple mailboxes — such as when a delegate accesses two or more mailboxes that are serviced by two or more Client Access servers — will not be optimized. Therefore, we recommend that you use the Autodiscover service to make sure that all the mailboxes that are referenced in a request are in the same site.

You must set the InternalNLBBypassUrl property so that network load balancers are bypassed by proxy requests. This property takes the URL of the Exchange Web Services virtual directory on each Client Access server so that the traffic can bypass the network load balancers and go directly to the Client Access server. You can use the New-WebServicesVirtualDirectory and Set-WebServicesVirtualDirectory cmdlets to set the InternalNLBBypassUrl for a Client Access server. For information about these cmdlets, see the following topics:


  • The InternalNLBBypassUrl is set to the same value as the InternalUrl when you upgrade Exchange 2007 to Exchange 2007 SP1. If the InternalUrl refers to an NLB, you must update the value.

  • Set IP affinity on the EWS virtual directory so that stateful notification requests are serviced by the same Client Access server. Exchange Web Services uses the InternalNLBBypassUrl setting so that it is not affected by affinity that is maintained by the NLB.

  • The Availability service methods proxy based on the InternalURL property (NLB) and not the InternalNLBBypassUrl property. This property is also set by the New-WebServicesVirtualDirectory and Set-WebServicesVirtualDirectory cmdlets. You can disable traffic on a Client Access server by setting the InternalNLBBypassUrl to an empty string.