Solved

Publishing Exchange 2007 Outlook Web Access and Activesync using different URLs/FQDN

Posted on 2010-08-16
6
776 Views
Last Modified: 2012-05-10
I need to publish activsync for mobile phones, and outlook web access using different authentication mechanism, thus needing different web listeners and different public IP-addresses.

btw - I'll publish using Forefront TMG 2010

But now I need to be able to publish exchange using two different URLs/FQDNs, preferably on different web sites - so i can use two ordinary certificates.

explaind:
mobile.domain.edu - for Active sync, web listener on public IP: 80.80.80.80
owa.domain.edu - for Outlook web access, web listener on public IP: 80.80.80.81

But doing this on the same web site, I'll need a UC/SAN certificate, I already have a plain SSL certificate, and would prefer to buy just a new SSL and use with the other URL.

Is this possible, or is it easier to deploy UC/SAN certificates? and if so - any experience with certificatesforexchange.com ?
0
Comment
Question by:Jakob Digranes
6 Comments
 
LVL 32

Accepted Solution

by:
endital1097 earned 500 total points
ID: 33444937
it is easiest to deploy this using a UC/SAN certificate
there are many solutions in experts exchange covering this topic
0
 
LVL 1

Expert Comment

by:trial1982
ID: 33445269
Well if you woulden't mind using the same name for both urls, it did be also easier as well.
0
 
LVL 21

Author Comment

by:Jakob Digranes
ID: 33445475
cannot use the same name, as I have different web listeners and different public IPs ..
Looking into UC/SAN cert from certficatesfromexchange.com -
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 10

Expert Comment

by:simonlimon
ID: 33495567
Why don't you use SSL-bridging? You terminate the SSL on the TMG, forward the requests to the Exchange which is also SSL secure but with its own certificate. External clients only access the external URL.

You would use just one certificate on the Exchange.

Create a publishing rule for Activesync and OWA, creating a listener for each with its certificate. If you are feeling adventorous you can use a SAN certificate on the TMG and publish using one listener and 1 IP. You would use the same listener for different publishing rules.
0
 
LVL 21

Author Closing Comment

by:Jakob Digranes
ID: 33513914
Thanks --- proved to be the easiest way,
0
 
LVL 21

Author Comment

by:Jakob Digranes
ID: 33513923
certificatesforexchange.com

Cheap - but a rather odd way of confirming the domain

at least, now it works.
Up and running with active sync for mobile phones, and webmail with swivel pinsafe and AD username two factor
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
how to add IIS SMTP to handle application/Scanner relays into office 365.

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question