In the Exchange2010 architecture, each AD site should have its own CAS role server deployed. When multiple Client Access servers are present in different Active Directory sites in the same organization and only one is exposed to the Internet, the one can act as a proxy for the others.
In Exchange2010, CAS communicates with mailbox server over RPC. At least one CAS is needed for each Active Directory site that contains a mailbox server.Proxying occurs when one Client Access server sends traffic to another Client Access server. Microsoft TechNet introduced two situation for the proxying, between Exchange2010 Client Access servers or across Exchange2010 Client Access server to Exchange2007 Client Access server.
Proxying is supported for clients that use Outlook Web App, Exchange ActiveSync, and Exchange Web Services. Availability service proxying is not included because it has its own built-in logic for handling proxying. Proxying won't work for Post Office Protocol version 3 (POP3) or Internet Message Access Protocol version 4rev1 (IMAP4) clients. A client who's using POP3 or IMAP4 must connect to a Client Access server in the same Active Directory site as their Mailbox server.
The destination Client Access server should run the same or an earlier version of Microsoft Exchange than the source Client Access server. That is to say, the destination server which facing the Internet could be deployed Exchange 2007 or Exchange 2010 if the source CAS is only Exchange2010. But if the source CAS contained Exchange 2007, the destination Client Access server must be a Exchange2007.