Solved

Design ET & HT with ISA 2004

Posted on 2011-09-24
1
384 Views
Last Modified: 2012-05-12
Hi EE,

Has anyone implemented the below design and got it  working without any issue:

Server
ISA 2004/06, Edge Transport & Hub Transport

Exchange Server
Mailbox etc

Further questions:
When you installed the ET and HT together inside the firewall like ISA, do you open all traffic first in the first instance so that ET and HT can communicate to the Mailbox role.
If successful, then allow only outbound and inbound traffic to go through to  ET , HT , Mailbox server?
Putting the ET and HT in the DMZ is not any easy task, what other consideration I have to take to make this design to work succesfully (e.g., ligh weight ad)
Consolidating ET and HT role a good practice?

Appreciate your help.
0
Comment
Question by:mcse2007
1 Comment
 
LVL 9

Accepted Solution

by:
araberuni earned 250 total points
ID: 36594142
First of all, you can publish Exchange through ISA 2006. You need to amend your design.

MBX, HT, CAS----Stays in internal network
ET----DMZ network

you dont need to open all ports for ET. Only necessary ports will do the trick.

ref:
http://technet.microsoft.com/en-us/library/bb124701.aspx
http://microsoftguru.com.au/2009/11/16/exchange-server-2010-edge-transport-role/
http://technet.microsoft.com/en-us/library/bb124024.aspx

you need to configure reverse proxy for CAS Server http://microsoftguru.com.au/2010/08/08/how-to-configure-reverse-proxy-using-forefront-tmg-2010-step-by-step/

Hope this helps.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now