[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 347
  • Last Modified:

Can ISA 2006 host 2010 OWA as well as Outlook Anywhere

We currently have a 2006 ISA listening for OWA requests, with RSA Securid tag auth, to our internal Exchange 2010 OWA.
We want to start using Outlook Anywhere - will the ISA happily publish and manage rules for OA as well as OWA/Securid ?

Do we use the same external DNS name as OWA for the OA ?

Can we use the same SSL certificate for both products ?

Thanks
0
DoveSupport
Asked:
DoveSupport
  • 4
  • 3
2 Solutions
 
Simon Butler (Sembee)ConsultantCommented:
It will happily support Outlook Anywhere as well.
You will need to use a different listener. The same SSL certificate can probably be used, as long as your OWA listener is setup correctly.

Simon.
0
 
DoveSupportAuthor Commented:
Thanks, Simon. Am I correct in thinking we'll have to use a different DNS CName for the listener ?
I've tried making the OA publishing rule, with a new listener on SSL, but I get an error about the existing listener being on the same port as my new one ?
0
 
Joseph NyaemaIT ConsultantCommented:
Hi DoveSupport,

You only need to configure one listener,
The differnece is you will need to disable form based authentication on the OWA virtual directory and have it done on the ISA server.
Please follow steps on this link Publishing Exchange Server 2007 with ISA Server 2006. Steps are for Exchange 2007 but also apply to Exchange 2010
Also don't forget to install RPC over HTTP on the Client Access server.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
DoveSupportAuthor Commented:
Nyeama, the listener we have on the ISA uses RSA Securid auth, to get users to verify themselves. We can't use this listener for OA - we'll not have happy people who need to use their RSA tags every time they link to OA . . .
Therefore we need a new listener to use AD auth . . . but how do I configure it ?
0
 
Joseph NyaemaIT ConsultantCommented:
Sorry DoveSuppor,

Missed the RSA Part... You would need to setup a second listener because of the differing authentication methods but on a different IP...
i.e. the OWA/RSA listener listening on one IP (not all) and the OutlookAnwhere on the second IP.
Naturally this means the two would be using two different host records and possibly ssl certificates unless using UCC or SAN certificates.
0
 
DoveSupportAuthor Commented:
Thanks guys, makes sense. Am I correct in my thinking below :- ?

Current setup -

Public IP  -  Firewall  -  ISA External IP  -  ISA  -  ISA Internal IP  -  Firewall/NAT  -  Exchange CAS OWA

New Setup -

Public IP  -  Firewall  -  ISA External IP  -  ISA  -  ISA Internal IP  -  Firewall/NAT  -  Exchange CAS OWA

Public IP 2  -  Firewall  -  ISA Ext IP 2  -  ISA + new listener  -  ISA Int IP 2  -  Firewall/NAT  -  Exchange CAS OA

???
0
 
Joseph NyaemaIT ConsultantCommented:
That's correct DoveSupport.
0
 
DoveSupportAuthor Commented:
Thanks Experts - much appreciated.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now