Client Access servers and Mailbox servers are deployed in Active Directory sites. Some Client Access servers may have external URLs and can be reached from the Internet. Other Client Access servers may have only internal URLs and be available only from your organization's intranet.

If you have two Active Directory sites, each with one Client Access server that has an external URL, a user may connect to the Client Access server in site 1 although his or her mailbox is in site 2. Outlook Web Access will either redirect the user to the Client Access server in site 2, or will proxy the user to the Client Access server in site 2.

By default, Outlook Web Access will redirect the user to the external URL of the Client Access server in site 2. However, if the RedirecttoOptimalOWAServer parameter is set to false, Outlook Web Access will try to proxy to the external URL of the Client Access server in site 2 and will ignore the internal URL.

If the Client Access server in site 2 is not available from the Internet, users will receive an HTTP 404 (page not found) error when they are proxied from the Client Access server in site 1 to the Client Access server in site 2. The steps to re-create the problem are as follows:

1. Set up proxying so that users in site 2 can reach their mailboxes through a Client Access server in site 1 without having to reenter their credentials.
   
   
2. Create an external URL (different from the internal URL) on the Client Access server in site 2.
   
   
3. Use the Set-OwaVirtualDirectory cmdlet to set the RedirecttoOptimalOwaServer parameter to false on the Client Access server in site 1. For more information, see Set-OwaVirtualDirectory.
   
   
4. Block access to the Client Access server in site 2 from the Internet. A simple way to do this is remove the DNS entry for the external URL.
   
   
5. Use the URL for the Client Access server in site 1 to log on to a mailbox in site 2.
   
   

With the RedirecttoOptimalOwaServer parameter set to false on the Client Access server in site 1, the user will be proxied to the external URL on the Client Access server in site 2. If the Client Access server in site 2 loses connectivity to the Internet, the user will receive a 404 error (page not found).

To resolve this problem without allowing access to the Client Access server in site 2 from the Internet, use the Exchange Management Console or the Exchange Management Shell to set the external URL of the Client Access server in site 2 to null.

To perform this procedure, the account you use must be delegated the Exchange Server Administrator role and membership in the local Administrators group for the target server.

For more information about permissions, delegating roles, and the rights that are required to administer Exchange 2007, see Permission Considerations.

You can use either the Exchange Management Console or the Exchange Management Shell to set the external URL for the /owa virtual directory to null.

To use the Exchange Management Console to remove the external URL on the Client Access server being proxied to

To use the Exchange Management Shell to set the external URL on the Client Access server being proxied to null

For more information about syntax and parameters, see Set-OwaVirtualDirectory.