Solved

Design ET & HT with ISA 2004

Posted on 2011-09-24
1
390 Views
Last Modified: 2012-05-12
Hi EE,

Has anyone implemented the below design and got it  working without any issue:

Server
ISA 2004/06, Edge Transport & Hub Transport

Exchange Server
Mailbox etc

Further questions:
When you installed the ET and HT together inside the firewall like ISA, do you open all traffic first in the first instance so that ET and HT can communicate to the Mailbox role.
If successful, then allow only outbound and inbound traffic to go through to  ET , HT , Mailbox server?
Putting the ET and HT in the DMZ is not any easy task, what other consideration I have to take to make this design to work succesfully (e.g., ligh weight ad)
Consolidating ET and HT role a good practice?

Appreciate your help.
0
Comment
Question by:mcse2007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 9

Accepted Solution

by:
araberuni earned 250 total points
ID: 36594142
First of all, you can publish Exchange through ISA 2006. You need to amend your design.

MBX, HT, CAS----Stays in internal network
ET----DMZ network

you dont need to open all ports for ET. Only necessary ports will do the trick.

ref:
http://technet.microsoft.com/en-us/library/bb124701.aspx
http://microsoftguru.com.au/2009/11/16/exchange-server-2010-edge-transport-role/
http://technet.microsoft.com/en-us/library/bb124024.aspx

you need to configure reverse proxy for CAS Server http://microsoftguru.com.au/2010/08/08/how-to-configure-reverse-proxy-using-forefront-tmg-2010-step-by-step/

Hope this helps.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video discusses moving either the default database or any database to a new volume.

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question