A while back we published an article explaining the support constraints that surrounded deploying Exchange 2007 with multiple Outlook Web App (OWA) Virtual Directories (see here http://msexchangeteam.com/archive/2008/01/07/447828.aspx) and as this idea seems to come up more and more frequently, we wanted to do the same for Exchange 2010.
Microsoft supports using multiple OWA and Exchange Control Panel (ECP) virtual directories on a single Exchange 2010 Client Access Server, each in its own website. Each virtual directory must be listening on the standard port (TCP 443) for the site.
NOTE: You must ensure that the Default Web Site is set to All Unassigned for IP, or problems will occur with PowerShell.
There are usually three reasons for choosing this type of configuration. Each of these has slightly different considerations.
If the objective of creating multiple sites is to allow a CAS to offer FBA to internal users, as well as accept proxy or delegated connections from an Internet-facing site or a reverse proxy, each virtual directory will have a different authentication method. The site accessed directly by the user population will be FBA-enabled, the site accepting proxy requests from the Internet facing site — or delegated authentication requests from the firewall, will have IWA enabled (or potentially Basic for the firewall scenario).
Microsoft strongly recommends OWA and ECP virtual directories in the Default Web Site be configured for IWA, leaving the InternalURL as with the default (Server FQDN), making that site and virtual directory the target of proxy requests from other Active Directory sites or delegated connections from the firewall.
Microsoft recommends creating the second OWA/ECP virtual directories in a new IIS web site with a different IP address, and using it for internal client access. By default the new virtual directories will be FBA-enabled, and have no internal or external URL values.
Read complete article at http://msexchangeteam.com/archive/2011/01/17/457664.aspx