Solved

New Exchange 2003 Installation - ISA Server Function Clarification Please

Posted on 2006-06-23
3
227 Views
Last Modified: 2010-03-06
Can a Microsoft ISA Server installed in the DMZ and configured as a Front End to an Exchange Server 2003 installed on internal LAN also perform role of Web & FTP server?

In other words, can I set up a Windows 2003 server in the DMZ to be all 3 (ISA, Web, & FTP) server?

I have to install a new E-Mail server for our small organization (35 users, 80 PCs, 2 W2K3 Servers) and install Microsoft Exchange 2003 on it.  I do not want to put Exchange 2003 server in DMZ but must set up services for external access like OWA, RPC over HTTP, etc.

We have a PIX firewall, maybe I should not worry about putting Exchange Server 2003 in DMZ, but it would be better not to, correct?

And if I add another Windows server in the DMZ in this triple role would it would not have to be configured as a member server in our AD domain that exists behind INSIDE PIX interface on internal LAN, correct?

What if I brought our Compaq Proliant ML 350 out of retirement for this job?  Could it do the job if wiped & reloaded with Microsoft Windows Server 2003 & ISA?

A complete Exchange Novice,
DALVIS

0
Comment
Question by:dealvis
  • 2
3 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 16971939
On a small site, I wouldn't bother with an ISA. I would just have the traffic going straight to the Exchange server. You only need two ports open - 25 and 443.

If you insist - then the machine needs to be in a workgroup and it can do whatever you like if configured correctly. I have deployed ISA machines as SMTP relays as well in the past.
As long as the machine is capable of running Windows 2003 then it would be fine for the job.

Simon.
0
 

Author Comment

by:dealvis
ID: 16972818
Thank You Simon for responding.  Some clarification please, are you saying you would install Exchange Server 2003 on the internal LAN behind the PIX INSIDE interface (and not the DMZ?)
0
 
LVL 104

Accepted Solution

by:
Sembee earned 125 total points
ID: 16974405
Correct.
Exchange doesn't belong in the DMZ, the number of ports that you have to open for it to work correctly makes the DMZ effectively useless.

Simon.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
Find out what you should include to make the best professional email signature for your organization.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question