I have a few spare points so I thought I would through some good points out for the answer.
I have two ISA boxes running back to back.
My problem is that I have an exchange server on my internal network which I would like to host pop3 or perhaps even Outlook web access.
My external ISA box is a stand alone ISA server doesnt really have alot on it. Mainly just for the purpose of screening before the internal network.
I feel like forwarding from the external ISA to the internal ISA box to the published exchange server would work fine. However this would appear that the external users would then be directly connected to the internal exchange server. Is my thinking correct here ?
Is there some way to have some form of authentication on the external ISA box which forwards to the internal ISA box to the exchange server. I feel like forwarding is a little insecure and there has to be a better way.
Perhaps even the use of SSL - SSL would be my preferred method, is it poosible ? and how ?