Forefront Edge Security TechCenter >
Forefront Edge Security Forums
>
Forefront Edge Security - Installation, Upgrade, and Setup
>
which type of template for exchange pop, imap, owa and proxy?
which type of template for exchange pop, imap, owa and proxy?
- We have deployed isa 2006 sp1. We are currently deployed in a single nic configuration, only using it for proxy for a couple of servers.
We've added exchange 2007 owa and activesync. We now need to change the ISA template so we can publish secure pop and imap, as well.
We already have edge servers deployed and they are firewalled and secured via an alternate method, not isa.
We would like isa behing the edge servers and the exchange CAS/hub behind isa.
I'm just getting familiar with isa and don't quite know where to put the 2nd nic. I was thinking of not changing the isa template, just add the 2nd nic to a perimeter network. and use that ip for the outside facing. It will get it's nat from a different firewall, not from isa.
Will that work?
Is there a better way?
Answers
- If ISA is to operate behind another NAT device, ise the "back firewall" template.
THe ISA network connections must be in separate physical and logical networks.
IOW, ISA must provide isolation between separate networks; in your case, the DMZ (external to ISA) and the LAN (internal to ISA).
Jim Harrison Forefront Edge CS- Marked As Answer byksnb Monday, October 26, 2009 4:30 PM
- Proposed As Answer byJim Harrison IsaDewd Friday, October 23, 2009 11:25 PM
All Replies
- If ISA is to operate behind another NAT device, ise the "back firewall" template.
THe ISA network connections must be in separate physical and logical networks.
IOW, ISA must provide isolation between separate networks; in your case, the DMZ (external to ISA) and the LAN (internal to ISA).
Jim Harrison Forefront Edge CS- Marked As Answer byksnb Monday, October 26, 2009 4:30 PM
- Proposed As Answer byJim Harrison IsaDewd Friday, October 23, 2009 11:25 PM
