Can ISA 2006 host 2010 OWA as well as Outlook Anywhere

We currently have a 2006 ISA listening for OWA requests, with RSA Securid tag auth, to our internal Exchange 2010 OWA.
We want to start using Outlook Anywhere - will the ISA happily publish and manage rules for OA as well as OWA/Securid ?

Do we use the same external DNS name as OWA for the OA ?

Can we use the same SSL certificate for both products ?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Simon Butler (Sembee)ConsultantCommented:
It will happily support Outlook Anywhere as well.
You will need to use a different listener. The same SSL certificate can probably be used, as long as your OWA listener is setup correctly.

DoveSupportAuthor Commented:
Thanks, Simon. Am I correct in thinking we'll have to use a different DNS CName for the listener ?
I've tried making the OA publishing rule, with a new listener on SSL, but I get an error about the existing listener being on the same port as my new one ?
Joseph NyaemaIT ConsultantCommented:
Hi DoveSupport,

You only need to configure one listener,
The differnece is you will need to disable form based authentication on the OWA virtual directory and have it done on the ISA server.
Please follow steps on this link Publishing Exchange Server 2007 with ISA Server 2006. Steps are for Exchange 2007 but also apply to Exchange 2010
Also don't forget to install RPC over HTTP on the Client Access server.
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

DoveSupportAuthor Commented:
Nyeama, the listener we have on the ISA uses RSA Securid auth, to get users to verify themselves. We can't use this listener for OA - we'll not have happy people who need to use their RSA tags every time they link to OA . . .
Therefore we need a new listener to use AD auth . . . but how do I configure it ?
Joseph NyaemaIT ConsultantCommented:
Sorry DoveSuppor,

Missed the RSA Part... You would need to setup a second listener because of the differing authentication methods but on a different IP...
i.e. the OWA/RSA listener listening on one IP (not all) and the OutlookAnwhere on the second IP.
Naturally this means the two would be using two different host records and possibly ssl certificates unless using UCC or SAN certificates.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DoveSupportAuthor Commented:
Thanks guys, makes sense. Am I correct in my thinking below :- ?

Current setup -

Public IP  -  Firewall  -  ISA External IP  -  ISA  -  ISA Internal IP  -  Firewall/NAT  -  Exchange CAS OWA

New Setup -

Public IP  -  Firewall  -  ISA External IP  -  ISA  -  ISA Internal IP  -  Firewall/NAT  -  Exchange CAS OWA

Public IP 2  -  Firewall  -  ISA Ext IP 2  -  ISA + new listener  -  ISA Int IP 2  -  Firewall/NAT  -  Exchange CAS OA

Joseph NyaemaIT ConsultantCommented:
That's correct DoveSupport.
DoveSupportAuthor Commented:
Thanks Experts - much appreciated.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.