MS TMG - Lync, OWA & Exchange ActiveSync

Posted on 2011-10-12
Last Modified: 2012-06-22
I'm having real issues trying to allow access to Lync, OWA & Exchange ActiveSync from an external client through MS Forefront Threat Management Gateway 2010.

The issue is that they all want to listen port 443, and as I have a Cisco router I can only forward port 443 to a single internal IP address.

I can get Lync working, or I can get OWA & ActiveSync (AS) working, but not both at the same time because OWA & AS require 'HTML Form Authentication' whereas Lync requires 'No Authentication' (on the listener).  As as I can't create two listeners both listening on the same IP and same port number (with different authentication levels) I'm a bit stumped.

Any ideas??
Question by:andrewprouse
    1 Comment

    Accepted Solution

    It's ok, I seem to have resolved my own issue.

    I created one listener for all published rules (with a wildcard cert).  I set the authentication to 'HTML Form' and then set the 'rule authentication' as follows:

    Lync - no delegation, but client may auth directly
    OWA - basic auth
    AS - basic auth

    and now all seems to work :)

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Join & Write a Comment

    Set OWA language and time zone in Exchange for individuals, all users or per database.
    Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
    In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    23 Experts available now in Live!

    Get 1:1 Help Now