Solved

Publishing Exchange 2007 Outlook Web Access and Activesync using different URLs/FQDN

Posted on 2010-08-16
6
781 Views
Last Modified: 2012-05-10
I need to publish activsync for mobile phones, and outlook web access using different authentication mechanism, thus needing different web listeners and different public IP-addresses.

btw - I'll publish using Forefront TMG 2010

But now I need to be able to publish exchange using two different URLs/FQDNs, preferably on different web sites - so i can use two ordinary certificates.

explaind:
mobile.domain.edu - for Active sync, web listener on public IP: 80.80.80.80
owa.domain.edu - for Outlook web access, web listener on public IP: 80.80.80.81

But doing this on the same web site, I'll need a UC/SAN certificate, I already have a plain SSL certificate, and would prefer to buy just a new SSL and use with the other URL.

Is this possible, or is it easier to deploy UC/SAN certificates? and if so - any experience with certificatesforexchange.com ?
0
Comment
Question by:Jakob Digranes
6 Comments
 
LVL 32

Accepted Solution

by:
endital1097 earned 500 total points
ID: 33444937
it is easiest to deploy this using a UC/SAN certificate
there are many solutions in experts exchange covering this topic
0
 
LVL 1

Expert Comment

by:trial1982
ID: 33445269
Well if you woulden't mind using the same name for both urls, it did be also easier as well.
0
 
LVL 21

Author Comment

by:Jakob Digranes
ID: 33445475
cannot use the same name, as I have different web listeners and different public IPs ..
Looking into UC/SAN cert from certficatesfromexchange.com -
0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 
LVL 10

Expert Comment

by:simonlimon
ID: 33495567
Why don't you use SSL-bridging? You terminate the SSL on the TMG, forward the requests to the Exchange which is also SSL secure but with its own certificate. External clients only access the external URL.

You would use just one certificate on the Exchange.

Create a publishing rule for Activesync and OWA, creating a listener for each with its certificate. If you are feeling adventorous you can use a SAN certificate on the TMG and publish using one listener and 1 IP. You would use the same listener for different publishing rules.
0
 
LVL 21

Author Closing Comment

by:Jakob Digranes
ID: 33513914
Thanks --- proved to be the easiest way,
0
 
LVL 21

Author Comment

by:Jakob Digranes
ID: 33513923
certificatesforexchange.com

Cheap - but a rather odd way of confirming the domain

at least, now it works.
Up and running with active sync for mobile phones, and webmail with swivel pinsafe and AD username two factor
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Read this checklist to learn more about the 15 things you should never include in an email signature.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
how to add IIS SMTP to handle application/Scanner relays into office 365.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question