Solved

exchange 2007

Posted on 2011-03-15
8
170 Views
Last Modified: 2012-05-11
current setup
one exchange server 2007 (in the backend LAN)
one smtp server (iis 6) on the front end or DMZ
only outgoing email as of right now was needed

new requirement
i now kneed to have a full functioning email system with active sync for devices on the internet
will need to have about 150 users connect to this email system

my question is do i need  to replace my SMTP relay server currently inplace with a exchange front end server, and where will the active sync be installed
0
Comment
Question by:dano992
  • 3
  • 3
  • 2
8 Comments
 
LVL 49

Expert Comment

by:Akhater
Comment Utility
You need to open port 443 directly to you exchange CAS server if you don't like this you need a reverese proxy server like ISA/TMG
0
 

Author Comment

by:dano992
Comment Utility
do i need to replace the IIS smtp relay server on my DMZ with a front end exchange 2007 server?
0
 
LVL 7

Accepted Solution

by:
mmicha earned 500 total points
Comment Utility
You will need to open port 443.  Based on your description it sounds like your Exchange server is handling all the roles.

You'll also need/should get a SSL certificate if the server is going to be accessed from the outside.  ActiveSync can't use the self signed certificate that is standard on an Exchange 2007 install.  Some of these changes may require DNS updates as well.

For example, you may want mail.example.com to go to your webmail.  You could then use that same address for ActiveSync.  

Hope that helps...
0
 
LVL 49

Expert Comment

by:Akhater
Comment Utility
No you don't need to replace your SMTP relay it has nothing to do
0
Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

 
LVL 7

Expert Comment

by:mmicha
Comment Utility
Dano992,

You don't have to replace it on the DMZ, but you do have to open ports (443) and map your external ip and that port to the internal ip of your Exchange server.

Though, you could install an Edge Transport Role in the DMZ and use it and remove the IIS smtp.
0
 

Author Comment

by:dano992
Comment Utility
lets see if i understand this correctly
i can use the existing SMTP thta is on my dmz or i can replace it with a edge transport
i should purchase a SSL (mail.mydomain,com) for the active sync and install in on my mailbox server
(same ssl for web mail and active sync)
obviously open port 443 and cretae the approriate DNS records on my name servers
0
 
LVL 49

Expert Comment

by:Akhater
Comment Utility
perfectly correct
0
 
LVL 7

Expert Comment

by:mmicha
Comment Utility
Dano992,

Those are the basic steps you need to take.  I'd maybe try it in a lab environment first.  That is how I do everything to make sure I fully understand.  You can skimp on the SSL certificate in a lab and just use a mobile device that supports active sync.  It may kick a warning up that you can usually ignore.
 
You may find the following setup valuable when setting things up and testing:
https://www.testexchangeconnectivity.com/
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now