I would like to publish all of the Exchange web services (autodiscover, OWA, Outlook Anywhere, ActiveSync) to the internet. NOT SMTP; that is handled separately from our filtering service.
We currently have an Exchange 2010 single-server environment with HT, CAS, MBX installed.
Can I create a TMG2010 VM with a SINGLE virtual NIC joined to the domain on my internal network to handle publishing of Exchange Web Services? Would I just punch holes in the Cisco ASA firewall and create a NAT on the Cisco ASA for HTTP and HTTPS to redirect from the external IP for mail.domain.com to the internet IP of the single NIC TMG, or is this configuration unsupported or unsecure?
I am trying to avoid having 2 NICs on the TMG since the TMG will be a VMware ESXi 5 VM and it will be much easier to configure the TMG VM with a single NIC on a single network. It APPEARS (I could be wrong) that I only need a single NIC on the internal network to publish Exchange, but I wanted to get more feedback in case I am misunderstanding something.
Looking at this link it appears this is a supported configuration but I want to make sure I am not missing anything and I didn't see autodiscover listed: http://technet.microsoft.com/en-us/library/cc995236.aspx
You can publish Web servers and Outlook Web Access servers over HTTP or HTTPS. You can authenticate incoming requests and chain requests to upstream proxies. When you publish Outlook Web Access on a single network adapter computer, the following Outlook Web Access features are available:
- Standard Outlook Web Access features such as sending and receiving e-mail, calendars, and other features
- Exchange Outlook Mobile Access, ActiveSync, and Outlook RPC over HTTP