Kozzn
asked on
Move Exchange 2007 Client Access Role to another server in DMZ
Hi,
I have a windows 2003 domain with an exchange 2007 as mailserver installed.
All exchange roles are installed on the exchange 2007 server, except the edge server, the 'edge' is installed on a windows 2008 foundation server in the DMZ zone.
Now, our company policy said that the 'OWA' can 't be published through port80/443 on our firewall to the exchange server on our LAN.
If I have to follow that policy, I read about 2 options:
ISA server installation in the DMZ or moving the exchange 'CAS' role to the DMZ.
So my question is, what is the best option (are other opions), what is possible?
I prefer to move the 'CAS' role to the DMZ, an ISA-server is again an extra license...
Can I move the 'CAS' role onto the edge server? or do I have to install a second 64bit server in the DMZ?
If it's not possible to install it on the same server/platform as the edge, can I make an virtual 'CAS' on that server?
thx
I have a windows 2003 domain with an exchange 2007 as mailserver installed.
All exchange roles are installed on the exchange 2007 server, except the edge server, the 'edge' is installed on a windows 2008 foundation server in the DMZ zone.
Now, our company policy said that the 'OWA' can 't be published through port80/443 on our firewall to the exchange server on our LAN.
If I have to follow that policy, I read about 2 options:
ISA server installation in the DMZ or moving the exchange 'CAS' role to the DMZ.
So my question is, what is the best option (are other opions), what is possible?
I prefer to move the 'CAS' role to the DMZ, an ISA-server is again an extra license...
Can I move the 'CAS' role onto the edge server? or do I have to install a second 64bit server in the DMZ?
If it's not possible to install it on the same server/platform as the edge, can I make an virtual 'CAS' on that server?
thx
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thx for the info, i have reasons/info enough to go for the publishing through 443 on our firewall.
thx
thx
ASKER
I'm going to keep the CAS in my internal network.
The problem is the connection from internet to Exchange 2007 for our Iphones...
Iphone connects to OWA for mail syncronisation.
If I want to publish OWA through the firewall through port 443 (or another port 8443), where do i have to config these settings in exchange?
If publishing through the firewall will not be permited, and ISA is our only option, which version do I have to buy?
What about the price for the isa license?
It's only for the iphone connection, we must see if it's that worth..
thx