Exchange Hybrid with ISA/TMG/UAG

So you wanne have Exchange Hybrid with either ISA, TMG or UAG.

Maybe because you allready have OnPrem Exchange with pre-authentication in your ISA/TMG/UAG.

Well, the easy answer is: It will not work!


Because some services required in Hybrid doesn’t work with pre-authentication.

Can you fix it? Yes!

You need to make an optional DNS Name  and make a rule with pass-trough setting.

This is recommended for these services:
Exchange Web Services (connecting to mrsproxy,etc)
Autodiscover (redirect users to Exchange Online OWA)

Or just bypass the ISA/TMG/UAG Server and forward all connections to your Hybrid Exchange Server.


Best Practice / HOWTO Configure TMG for Hybrid Exchange.

Office 365 Community Forum Post

Leave a Reply


I am Roy Apalnes, a Microsoft Cloud Evangelist working av Sopra Steria. Main focus in Microsoft Security and Endpoint Management, with a bigger picture in mind.

Featured Posts