hell_angel asked:

TMG Load Balance Exchange 2010. Web Server, Lyncedge

I have TMG with 2 leg topology.

I have configured TMG to publish my OWA/CAS/hub server in load balance mode.

Now, when users need to access the load-balanced OWA, should my A record point to the TMG IP, or should I have an additional IP for this... something like a virtual IP?

Do I still need to set any additional rule in order to allow users to access my server?

I configured my external firewall to NAT my TMG public NIC for OWA. Is that correct?
If I also want to publish my web server, can I still do it, since I only have 1 NIC for each interface?

Thanks
Keith Alabaster

If you have load balanced, then you must have a VIP.

Hello,

When you set up TMG to publish your Exchange server, you would have had to set up a listener, which is associated with an IP on your NIC. Your firewall would need to NAT that IP to a public IP and the A record would point to that public IP.

If you also want to publish a web server, you would need to set up a new web publishing rule in TMG. You will also need a new web listener since you would be using FBA authentication for Exchange and likely no authentication for your web server. This will require a second IP on the public facing NIC of your TMG server. This IP would need to NAT as a new public IP and you would create your A record to point to the public IP.

JJ
hell_angel

ASKER

Thanks JJ... so, can I say that if I need to publish more than 1 application through TMG, I will need to have 1 public NIC for 1 URL, right?

Let's say, 10.0.1.1 - OWA/Exchange, 10.0.1.2 - web, and ..

Thanks

You only need 1 NIC. It is multiple IPs on that NIC that you need and you only need one IP per listener. You can use the same listener for multiple web apps as long as the authentication mechanism is the same and the SSL cert is the same, if you are using one.

JJ

Thanks JJ... if I need to access my web server from the LAN, I should do the same thing for my internal NIC, right?
I'm confused... I have 2 NICs in TMG. LAN is 192.168.1.56 and DMZ is 172.16.1.56.
When I configure the listener, my NIC should be the DMZ one, right?

If my internal users need to access, will they use the LAN NIC or the DMZ NIC?

Yes, you configure the listener on the public facing NIC, which would be your DMZ NIC. You always use the public NIC for client access. If you don't want your internal users using the public IP, you would set up an internal hostname that points to the DMZ IP.

JJ

Hi JJ,

So far, we have managed to configure TMG to load balance our CAS/hub. But can we load balance SMTP as well? We found that in order to have TMG work for SMTP, we need to have Edge in place.
Is that true?
Or do you have any reference that we can refer to?

Currently we have an SMTP external-to-internal routing issue.

Thanks

ASKER CERTIFIED SOLUTION
Jamie McKillop

This solution is only available to members.

Hi JJ... thanks for the input. So can I say that in order to have SMTP load balancing, I either configure NLB for my CAS/hub server, then publish via TMG? Or is NLB actually just for client/server connections, not for SMTP?

Thanks

Yes, you can do it either way.

JJ