Browse All Articles > Exchange 2010 OWA, Autodiscover and POP3/IMAP4 Setting verification through TMG
I have seen a number of questions relating to Exchange 2010 OWA, Autodiscover and POP3/IMAP4 Settings using a TMG server so I thought that I would write this article for you to verify your settings. I will only list the most important tabs and not every single one of them.
ASSUMPTIONS
1. In this article I will assume that you have already created listeners etc. on TMG but it is not working because of some settings that might be missing, so this is to ensure that your settings are correct.
2. I also assume that you have already installed and configured your UCC SSL Certificate from an external Authoritative Certificate Provider.
VERY IMPORTANT NOTES:
ON TMG OUTLOOK ANYWHERE PUBLISHING RULE
On "Outlook Anywhere Publishing Rule - Public Name Tab" ensure that you have your autodiscover.domain.com and exchange.domain.com (the exchange one could be your mail.domain.com or what ever you use for your cas array) entered, as this is the primary reason why Outlook Anywhere does not work
ON BOTH EXCHANGE AND TMG
You have to use the same authentication methods on both sides
ON EXCHANGE 2010 SERVER
1. Open EMC and expland Server Configuration > Client Access
OWA Settings 2. Select your CAS Server and on the bottom tabs select Outlook Web App
3. Now right click on owa (Default Web Site) and click on properties
4. Now ensure that your settings are as follow:
OWA - General Tab NB: Use your external url as internal URL and External URL
OWA - Authentication Tab OWA - Public Computer File Access Tab OWA - Private Computer File Access Tab Autodiscover Settings
5. Open EMC and expland Server Configuration > Client Access
6. Right click on your CAS Server and click properties
7. Select the Outlook Anywhere tab and ensure that you have your External host name entered and have Basic Authentication selected.
POP3 and IMAP4 Settings
POP3
8. Open EMC and expland Server Configuration > Client Access
9. Select your CAS Server and select the POP3 and IMAP4 tab
10. Right click POP3 and click properties
POP3 - Binding Tab POP3 - Authentication Tab IMAP4
11. Open EMC and expland Server Configuration > Client Access
12. Select your CAS Server and select the POP3 and IMAP4 tab
13. Right click IMAP4 and click properties
IMAP4 - Binding Tab IMAP5 - Authentication Tab ON TMG SERVER
OWA SETTINGS ON TMG
1. Open Forefront TMG Management by doing the following: Click Start > All Programs > Microsoft Forefront TMG > Forefront TMG Management
2. Now Expand Forefront TMG > Firewall Policy
3. Ensure that your OWA Publishing rule has the following settings:
OWA Publishing Rule - Action Tab OWA Publishing Rule - From Tab OWA Publishing Rule - To Tab
NB: I have got my CAS Array IP in the "Computer name or IP address" field
OWA Publishing Rule - Traffic Tab OWA Publishing Rule - Listener Tab
NB: Will show you the Listener tabs in more detail at the end of this article.
OWA Publishing Rule - Public Name Tab OWA Publishing Rule - Paths Tab OWA Publishing Rule - Authentication Delegation Tab OWA Publishing Rule - Application Settings Tab OWA Publishing Rule - Bridging Tab OWA Publishing Rule - Users Tab OWA Publishing Rule - Schedule Tab OUTLOOK ANYWHERE SETTINGS ON TMG
Once again:
1. Open Forefront TMG Management by doing the following: Click Start > All Programs > Microsoft Forefront TMG > Forefront TMG Management
2. Now Expand Forefront TMG > Firewall Policy
3. Ensure that your Outlook Anywhere RPC/HTTPS Publishing rule has the following settings:
Outlook Anywhere Publishing Rule - Action Tab Outlook Anywhere Publishing Rule - From Tab Outlook Anywhere Publishing Rule - To Tab Outlook Anywhere Publishing Rule - Traffic Tab Outlook Anywhere Publishing Rule - Listener Tab Outlook Anywhere Publishing Rule - Public Name Tab
NB: YOU MUST HAVE YOUR autodiscover.domain.com AND exchange.domain.com (the exchange one could be your mail.domain.com or what ever you use for your cas array and both would be your external url's)
Outlook Anywhere Publishing Rule - Paths Tab Outlook Anywhere Publishing Rule - Authentication Delegation Tab Outlook Anywhere Publishing Rule - Application Settings Tab Outlook Anywhere Publishing Rule - Bridging Tab Outlook Anywhere Publishing Rule - Users Tab
POP3 AND IMAP4 SETTINGS ON TMG
These settings are pretty standard, and ones again you would just need to ensure that Authentication is set to the exact same on TMG and Exchange.
EXCHANGE LISTENER SETTINGS ON TMG
Listener Settings on TMG - Authentication Tab Listener Settings on TMG - Forms Tab Listener Settings on TMG - SSO Tab Listener Settings on TMG - Connections Tab Listener Settings on TMG - Certificates Tab LAST THOUGHT:
In order for you certificate to be installed correctly you need to install the certificate on the local machine on TMG and in AD.
If this article was helpful please vote for it and leave a comment?
Comments (0)