We have four Windows 2008 R2 servers hosting Exchange 2010 CAS/HUB Transport roles combined on each, we are having an issue where these hosts are trying to connect to a front-end pool IP address in the DMZ every few seconds using HTTPS. I would like
to know if there is a way to trace which application could be generating this SSL traffic from within those hosts, as it is Exchange doesn't seem to be the culprit but not 100% sure. We run some websites behind this IP address in the DMZ, but
nothing related to Exchange; therefore perhaps something on the system side, but haven't been able to locate any entries on the logs that could point us to an application. Any suggestions are appreciated.
FLaidman