E2K7 Edge Transport and ISA Server 2006

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Hi,

We made a setup of multi-role E2K7 Server (MBX/CAS/HUB, named e2k7domain.int
on our internal network), now we want to achieve greater security and
enhancements for our external/mobile clients using OWA, EAS and OAW with ISA
Server 2006 and Edge Transport Server.

Since we are going to replace the now in use external firewall (Cisco) with
ISA Server 2006 to fully protect our WAN/LAN/DMZ network, we are going to
put the ISA on the internet with a public ip-adress and then the Edge
Transport server behind it (on a DMZ).

We have red through the Ms article
http://www.microsoft.com/technet/isa/2006/deployment/exchange.mspx for the
publishing of the websites etc. Not much info here about coexistence with
Edge Transport and different solutions scenarios. We are also unsure if we
can stick with our CA certificate with multiple SANs since we have red that
this isn't supported yet on ISA Server 2006. And since we also are running
in an environment with different internal domain (domain.int) and external
domain (domain.com) we also have questions how to successfully use our
requested certificate on our internal CAs server on the multiple websites
(CAS/ISA etc). We are using the guide
http://technet.microsoft.com/en-us/library/aa995942.aspx and this works all
fine now (externally/internally) when we only so far are running the
multi-role E2K7 (MBX/CAS/HUB), but as mentioned abowe we are seeing coming
problem with the certificate beeing activated correctly on the ISA server.

We are in need of hints and recommendations when it comes to publishing the
certificate and also for guides, white papers etc when it comes to Edge
Transport and ISA Server 2006 coexistence and common scenarios.

All types of responds when it comes to this are highly appreciated!

Thanks in advance,
Richard

.

Relevant Pages

  • Re: ISA 2006 Basic Configuration
    ... Does the AD/DNS Server have the ISP's DNS properly configured as a Forwarder? ... Microsoft Internet Security & Acceleration Server: ... Microsoft ISA Server Partners: Partner Hardware Solutions ... The routing table for the network adapter Internal includes IP address ranges that are not defined in the array-level network Internal, ...
    (microsoft.public.isa.configuration)
  • RE: Accessing WSS3 internally and via RWW and Companyweb
    ... you should publish WSS 3.0 site to internet and change the link on the ... should not change the Web Server Certificate during running CEICW.) ... Do not change current Web server certificate. ... Click Start, point to Programs, point to Microsoft ISA Server, and then ...
    (microsoft.public.windows.server.sbs)
  • RE: 403 forbidden with new server
    ... if you add the windows server 2003 to your SBS 2003 ... How to install Small Business Server 2003 in an existing Active Directory ... How to configure Internet access in Windows Small Business Server 2003 ... configure ISA server as your Proxy ...
    (microsoft.public.windows.server.sbs)
  • Re: Accessing the published webpage behind a router.
    ... created a network object - URL Set and put the FQDN in there. ... Microsoft Internet Security & Acceleration Server: ... Deployment Guidelines for ISA Server 2004 Enterprise Edition ...
    (microsoft.public.isa)
  • RE: Digest authentication does not work for HTTPS-requests through MS
    ... I've seen this problem happening when the network range in your "Internal" ... Clients use Internet Explorer 6.0. ... All the testing was performed having SP1 for ISA Server 2004 installed. ...
    (microsoft.public.isa)