Solved

Design ET & HT with ISA 2004

Posted on 2011-09-24
1
388 Views
Last Modified: 2012-05-12
Hi EE,

Has anyone implemented the below design and got it  working without any issue:

Server
ISA 2004/06, Edge Transport & Hub Transport

Exchange Server
Mailbox etc

Further questions:
When you installed the ET and HT together inside the firewall like ISA, do you open all traffic first in the first instance so that ET and HT can communicate to the Mailbox role.
If successful, then allow only outbound and inbound traffic to go through to  ET , HT , Mailbox server?
Putting the ET and HT in the DMZ is not any easy task, what other consideration I have to take to make this design to work succesfully (e.g., ligh weight ad)
Consolidating ET and HT role a good practice?

Appreciate your help.
0
Comment
Question by:mcse2007
1 Comment
 
LVL 9

Accepted Solution

by:
araberuni earned 250 total points
ID: 36594142
First of all, you can publish Exchange through ISA 2006. You need to amend your design.

MBX, HT, CAS----Stays in internal network
ET----DMZ network

you dont need to open all ports for ET. Only necessary ports will do the trick.

ref:
http://technet.microsoft.com/en-us/library/bb124701.aspx
http://microsoftguru.com.au/2009/11/16/exchange-server-2010-edge-transport-role/
http://technet.microsoft.com/en-us/library/bb124024.aspx

you need to configure reverse proxy for CAS Server http://microsoftguru.com.au/2010/08/08/how-to-configure-reverse-proxy-using-forefront-tmg-2010-step-by-step/

Hope this helps.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Domain Administrator locked out "Again" 7 52
Domian name change 12 23
Debug script powershell wmi 3 15
EXCH2013 IIS 4 10
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question