Multiple OWA on one IP (no front end back end)

We've had a single Exchange server behind an ISA for awhile. OWA was set up with certificates yada yada. Well. We added a new Exhagne server and anyone on said new server cannot get thier webmail. I created a new certificate for the new exchange server and hooked the certificate onto the ISA server with a new listener. However all requests for the old domain name seemed to want the new certificate. I jiggled a few settings and got the original cert back but is there a was I can trick ISA into allowing both servers to pass through. What if I instaled the older certificate into the new exchange server IIS?
Tennessee_PrideAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Tennessee_PrideAuthor Commented:
I tried putting the old certificate in the new server, it asked for a secoind login and didnt return all of the proper stuff..images missing, red x's etc
jabiiiCommented:
Are the servers using the same dns name? could be a client issue.
Tennessee_PrideAuthor Commented:
Well...one server has been published via ISA as webmail.tnpride.com. The new server I was going to publish as dkmail.tnpride.com however the ssl listener is using the webmail.tnpride.com certificate and if I try to create a new listener using 443 it gets all testy and says that the current rule is using the certificate. Basicaly, two internal exchange servers in a non-front end back end configuration trying to publish both OWA sites out of one IP address
Defend Against the Q2 Top Security Threats

Were you aware that overall malware worldwide was down a surprising 42% from Q1'18? Every quarter, the WatchGuard Threat Lab releases an Internet Security Report that analyzes the top threat trends impacting companies worldwide. Learn more by viewing our on-demand webinar today!

jabiiiCommented:
hmm, if it's the same iP you should be able to use the came cert, and dns name.
a second cert will only confuse the boxes. and the client machines.

Every time you try to load it, it should give you an error, saying you already had x cert for this box, instead of this one....
Tennessee_PrideAuthor Commented:
So theoretically


External DNS (webmail.tnpride.com 65.105.216.133) ---- (webmail cert on listener)ISA ----------Exchange 1 (webmail cert on IIS) ------- Exchange 2(webmail cert on IIS)
these exchange servers are on different subnets

should I change any hosts files?
SaineolaiCommented:
I think you will run into problems with this configuration.  Have a look at this document for an indepth explaination.  I'm not sure if there are other solutions.

http://www.isaserver.org/tutorials/2004wildcardcert.html

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Tennessee_PrideAuthor Commented:
hmmm..I was using Forms based authentication. The walkthrough said to set it for Basic. If I set it or basic and set the exchange http to use forms then one works fine (original one) and the second one gives a 440 login time out error. If I turn off basic on ISA and use Forms then the original exchange server works fine but the second one returns links with no images (red x'x) and a login box on the left colum if you ty to go to any link. very strange stuff..Ill keep bangin on it
Tennessee_PrideAuthor Commented:
The 440 was fixed with this
http://msmvps.com/blogs/cgross/archive/2004/08/08/11472.aspx
but the posted article was pretty much what got me goin.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.