Allowing external customers access to our Internal sharepoint portal

I have been searching throughout the net and all around here on experts exchange to find a definitive and workable solution to this Issue. Organization have been tackling this for about 12months now. We have our IIS, MOSS and SQL Server internally on our domain.  ISA Server is in our dmz, sharepoint access via SSL with authentication through AD and Certificates.  We have no trust between our sister organization, but require them to access our internal network with all the security measures in-place.  We will be creating shadow accounts in AD for these external customers.    What i'm looking for is a decisive and clear means to  allow external customers on another domain to access our sharepoint portal via ISA.  Any assistance and/or direction is greatly, immensely appreciated.  

Bottom line:   I want to be able to use ISA server while we are building up other servers and infrastructure in our Forest/Domain level for Server 2008 AD FS.  
cgooden01Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Andres PeralesCommented:
If they have account in your AD then they should access site just like any other user in the organization.  Via the publicly accessible url for that site.
Can you SharePoint implementation be accessed from the outside of you network?
0
cgooden01Author Commented:
Yes, I understand that point, but currently right now, there is no access outside of the network.  I would like to get to that point that our external users with shadow accounts in AD have the ability to access our accounts.  
0
Andres PeralesCommented:
Alright the best way to accomplish this is to extend your existing SharePoint site collection.  When you extend this site collection put it in the extranet zone.  This in essence creates another SharePoint web application that points to the same data as your internal accessible SharePoint site collection.
You will need to create a FQDN for this site collection as well.  example extranet.mycompany.com.  You then will need to put this into your external DNS point it to your firewall or ISA server that is doing your NAT or publishing. Basically DNS to public IP Address.
You mentioned you were doing ISA so you will then need to publish this new Webapplication / SharePoint site using the pubishing feature of ISA.  This publishing will configure the forwarder for the Public IP address to the internal IP address of the SharePoint server.
Goodluck!
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
cgooden01Author Commented:
Thank you, will be testing this out throughout the course of the next few days and let you know how this works out.  Thanks Peralesa. Will award points as solution is implemented
0
cgooden01Author Commented:
One other question i have with this, in regards to  creating the A record on my DNS. Can i possibly use the same DNS entry meaning using the same site url internally(e.g https://mypage.com), as well as externally(e.g https://mypage.com), . Would like if possible to take out that additional step for my users.  If i cannot use the same name with the corresponding SSL Certificate, that would mean, i would have to request an additional SSL certificate for the for example (portal.mypage.com). Really trying to get this accomplished within the next 72 hours.

Secondly, on the ISA Server for security measures, should i put in the publishing rule, the internal IP address or external IP address of the Server to ensure our internal DNS is hidden.  I dont want to second guess any of this.  
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft SharePoint

From novice to tech pro — start learning today.