Re: Proxy

You can very definitely have an external certificate on your ISA 2006 server and an internal certificate on your CAS servers and have everything work perfectly. In fact, that's the way I set it up for all my customers. Just be sure to configure your internal and external server names and URLs properly in the myriad PowerShell cmdlets for the various services.
--
Ed Crowley MVP
"There are seldom good technological solutions to behavioral problems."
..

"create_share" <createshare@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:88C251EB-CD5D-49E4-A348-BF661378478D@xxxxxxxxxxxxxxxx
Thanks for your reply. Actually i have a problem with my Exchange 2007
Security Certificate as i stated in a post a few days ago. My internal domain
name does not match with my external domain name. No problem but my internal
domain name also exists on the internet and i cannot include my exhange's
FQDN in my certificate. Due to this my users are getting a certificate error
"The name on the security certificate is invalid or does not match the name
of the site".

To avoide this error on user machines i have configured ISA as proxy for
everybody thourgh Group Policy. Ifi add my Internal Domain in ISA Internal
Domain list then the certificate error will appear on every computer when
they open outlook even proxy is configured. I have been unable to find a
quick solution to this problem. Mr. Ed Crowley suggested a solution for my
problem which was to install an internal CA, generate a certificate for
Exchange 2007 and install the 3rd party certificate on the firewall. I don't
know if it can solve my problem or not and if there is any document to
accomplish this or not.

Thanks!

"Tony Brown" wrote:

well.. I'll provide links :)

http://support.microsoft.com/kb/274846 >> Group policy

http://forums.isaserver.org/m_2002085410/mpage_1/key_/tm.htm#2002085410 >>
ISA Server

But you should only have to do it in Group Policy.

Tony Brown MCSE +M +S
www.phillipstaylorbrown.com

"create_share" <createshare@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5F0C63D6-9F80-4A75-A4B0-D48F5B096173@xxxxxxxxxxxxxxxx
> Yes plz. Can you provide some instructions both for GP and ISA?
>
> Thanks!
>
> "Tony Brown" wrote:
>
>> I had the same issue before... It's because OOOA on Outlook 2007 on >> uses
>> IIS - you'll probably find Outlook 2003 works fine and so does OWA.
>>
>> The best and fastest way to fix is to put IE exclusions for the mail
>> server
>> urls in Group policy.
>>
>> You can also add the exclusions on the ISA box if you'd rather.
>>
>> Let me know if you need explicit instructions.
>>
>> Tony Brown MCSE +M +S
>> www.phillipstaylorbrown.com
>>
>> "Rich Matheisen [MVP]" <richnews@xxxxxxxxxxxxxxxxxxxxx> wrote in >> message
>> news:es4ab59qejp89669lgqubrc2il9geejlpt@xxxxxxxxxx
>> > On Sat, 19 Sep 2009 05:17:02 -0700, create_share
>> > <createshare@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
>> >
>> >>If i use ISA as Proxy in internet explorer for my users then Out of
>> >>office
>> >>assistant does not work and gives an error the "Your out of office
>> >>settings
>> >>cannot be displayed, because the server is currently unavailable. >> >>Try
>> >>again
>> >>later".
>> >>
>> >>It works if i disable IE Proxy.
>> >>
>> >>Any solution?
>> >
>> > Exchange 2007, I assume?
>> >
>> > For whatever reason, the client can't connect to the CAS server.
>> >
>> > Are you using the ISA server as a proxy even for local addresses? Is
>> > this a problem for people within your own LAN or for just people
>> > connecting from the Internet? How is IE configured to use the proxy?
>> > Does it /always/ use the proxy (not a good idea if your not on the
>> > company LAN) or does it try to auto-detect the proxy?
>> > ---
>> > Rich Matheisen
>> > MCSE+I, Exchange MVP
>>
>>

.

Loading