IIS 7 as a reverse proxy for OCS 2007 R2 Edge Services

I've been working on getting Edge Services setup in our OCS 2007 R2 environment.  I am using the single consolidated edge setup.

Initially the reverse proxy requirement was kind of a head-scratcher.  Most of Microsoft's documentation talks about using ISA (now rebranded to Threat Managment Gateway (TMG)) as the reverse proxy solution.  Since we don't currently have a ISA server, and I didn't really have any money to spend, I decided to try and get IIS 7 to work as a reverse proxy.

I first noticed that IIS 7 can act as a reverse proxy when I was working on some URL Rewriting.  I came accross this blog and number 7 caugh my attention.

Here's what I did to get IIS 7 to act as a reverse proxy for OCS 2007 R2 Edge Services:

• Provisioned a Windows 2008 R2 server in DMZ (same as network as the consolidated edge server)
• Added the IIS role
• Installed the Application Request Routing module for IIS 7
• This module includes the URL Rewrite module
• Created a site in IIS for ocsrp.domain.com
• Created a certificate for the site ocsrp.domain.com
• Applied the certificate to the IIS site that I created for ocsrp.domain.com
• Checked Enable Proxy under the Application Request Routing settings at the server level
• Left all other settings on application request routing default
• Added the URL Rewrite rule to the web.config of the site

 
 
    
        
            
                
                    
                     https://ocs2007r2pool.internal.dom/{R:1}" />
                
            
        
    
 

IIS will then proxy http requests coming from ocsrp.domain.com to ocs2007r2pool.internal.dom which is the FQDN of our internal enterprise pool.

I hope others will find this useful.