limohaa.blogg.se - Forefront tmg 2010 requirements

#Forefront tmg 2010 requirements series#

Listener IP Address : External Interface IP : ISP IP2 only.

Create New Protocol : HTTP Server on Port 80 inbound.

Server IP : 10.6.0.2 (secondary ip on the TMG-BE external interface).

Rule Name : Publish Outlook Webmail Apps 2010 (OWA) – HTTP (choose non-web publishing rule) .

So lets create the rules on the TMG-FE first : Users should be able to type the URL with HTTP or HTTPS and with or without /owa. Experience shows that users often forget the default URL.

At your provider you should create a DNS record that points to ISP IP2.Create a new A record called that points to 10.4.20.20 A new forward lookup zone should be configured on the DC1 server named.(the SAN certificate should include something like ) A SAN certificate with your companies webmail address should reside on the exchange 2010 and TMG-BE boxes.The TMG firewall that needs FBA needs to be joined to the domain.FBA should be disabled on the exchange 2010 box.If you want to create a fancy FBA logon page then check my post here.

It enables you to force authentication on the TMG firewall before packets are forwared to the exchange 2010 box. The FBA enables the TMG’s capablility to enable the OWA logon form on the TMG firewall instead of enabling it on the exchange 2010 box. In the second part we will be configuring OWA for exchange 2010, web publishing rules, and incoming and outgoing SMTP mail.Ĭonfiguring OWA for exchange 2010 with FBAįorms-based authentication(FBA) is one of the cool features that is included in the TMG software.

#Forefront tmg 2010 requirements series#

This article is the second part of my series about Installing and configuring Forefront TMG back to Back with Exchange 2010. In the first one I explained the network setup, network relationships, the TMG backend and TMG Frontend installations and some simple firewall rules.