Alright, I know that I'm making this more complicated than it needs to be, but I'm filling in roles that I am not so great at... so...
Our company just brought in local Internet (it was through a shared connection to a parent company). I have a Cisco ASA 5510 facing the Internet with Security Essentials for the few users that need to VPN in. I also have ~30 EZVPN connections to clients that connect directly to the ASA. I'm in the process of bringing Exchange locally and am looking at how to set this up correctly. 85% of my user base uses OWA now (hosted at the parent company), so a working internal and external OWA is the most critical part of what I'm asking.
Our internal-to-external web traffic looks like this right now: Client --> ISA 2006 Proxy --> ISA Web Chaining to Sophos Web filter (for logging users) --> ASA 5510 --> Cloud.
When I signed up through our ISP I got 4 external IP addresses, so here is my theory (please bash this extensively). Our VPN is already hosted on the x.x.x.1 address using 443, so I figured I could NAT the second outside IP, x.x.x.2, to an internal TMG 2010 server (I've heard that it works really well with Exchange 2010). I would want the TMG to listen to HTTP headers (I'm unsure if it does this), and I could use it to redirect web traffic to specified internal servers if so.
Most of what I'm here to ask is if I have the right idea or if I'm completely being an idiot and overthinking everything. This is my first firewall and Exchange project, so I'm willing to put myself out there and absorb as much info as I can.
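For reference, here is what the ASA half of that design looks like when written out. This is an added example, not configuration from the original post: it assumes the 5510 is running ASA 8.3 or later (object NAT syntax; 8.2 and earlier use the older `static`/`nat` form), and the addresses are constructed placeholders from the documentation ranges: 203.0.113.2 stands in for the second ISP address (x.x.x.2) and 10.0.0.10 is the assumed inside address of the TMG server.

```cisco
! Added example, not from the original post. Assumes ASA 8.3+ object NAT.
! 203.0.113.2 = placeholder for the second public address (x.x.x.2)
! 10.0.0.10   = assumed inside address of the TMG 2010 server
object network TMG-OWA
 host 10.0.0.10
 description Internal TMG 2010 server publishing OWA
 ! Static NAT bound to the SECOND public address only, and limited to
 ! TCP/443, so nothing else on the TMG box is reachable from outside.
 ! The ASA's own outside address (x.x.x.1) keeps terminating the VPN on 443.
 nat (inside,outside) static 203.0.113.2 service tcp 443 443
! Interface ACL. On 8.3+ the inbound rule must name the REAL (inside)
! address/object, not the public address, because NAT is applied before
! the ACL is evaluated.
access-list OUTSIDE-IN extended permit tcp any object TMG-OWA eq 443
access-group OUTSIDE-IN in interface outside
```

Two practical notes on this. First, if an inbound ACL is already applied to the outside interface (for example for the existing VPN or client tunnels), add the `permit` line to that ACL rather than creating a second one, since `access-group` only allows one inbound ACL per interface and re-issuing it replaces the old binding. Second, the ASA never sees a Host header on this path because the traffic is TLS; the split by hostname to different internal servers happens on the TMG web listener, which terminates TLS and matches publishing rules on the public name in the request. The ASA's only job here is the 1:1 NAT and the port restriction.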