I have been cracking on with ISA lately and have Tom's 2004 book. I have followed the DMZ configuration, and have public IPs and a registered domain, so I have been checking for real, so to speak, and I am very happy.
However, I have one problem at the moment. I have frontend and backend both on Exchange 2003 SP2, and have configured the automatic RPC/HTTP configuration rather than doing a reg edit myself.
My frontend exchange is hanging and the information store never starts.
So I think some user-defined protocols are needed. Does anyone know what the port numbers are, please?
That sounds great and thanks very much. The frontend is in the DMZ, the backend is actually a DC as well, so I will see if that works this afternoon and hopefully can report its success.
New in SP2
With the release of Microsoft® Exchange Server 2003 Service Pack 2 (SP2), Microsoft has introduced Direct Push technology, which allows Exchange ActiveSync® to deliver e-mail messages immediately to the mobile device as soon as they arrive on the server. With Direct Push technology, whenever the back-end server receives e-mail or data to be transmitted to a mobile device, it sends a UDP notification to the front-end server. This transmission requires that UDP port 2883 be open on the firewall to allow one-way traffic from the back-end server to the front-end server.
Can someone cast an eye over what I am doing to spot the mistake, please?
I have a trihomed ISA as in Tom's 2004 book, and configured exactly as that.
Internal network contains the DC, which is also an Exchange SP2 BE Server. Also configured as RPC/HTTPS Backend Server. Ports set automatically with SP2.
DMZ contains Member Server, is also Exchange SP2 FE Server. Also configured as RPC/HTTPS Frontend Server. RPC Network component installed.
Configuration works successfully for OWA and RPC/HTTPS when both servers are on the internal 10. network. I access through the public IP following a split DNS change on my network and everything is great. Certificates fine etc. https://owamail.mydomain.com/exchange
When I move the Frontend to the DMZ, the information store on the frontend hangs. Won't start even manually.
Network Access Rules are:
Internal > DMZ = Route. DMZ > External = Route
Firewall Access Rule is: From/To DMZ Server and Internal DC Computer
Selected Protocols allowed:
DNS, SMTP, CIFS (Both), FE/BE Link State Routing (691), LDAP, LDAP (GC), LDAP (UDP), NTP, Ping, Kerberos Sec (TCP), Kerberos Sec (UDP), Kerberos Adm (UDP), RPC (All), HTTP, Exchange Link State Routing (TCP 691)
What is stopping this Frontend correctly communicating, please guys? It is all wrong since RPC/HTTPS FE/BE was set automatically through Exchange SP2, as I have seen.
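One way to narrow down which of the rule's protocols the front-end can actually reach from the DMZ, as an added troubleshooting script that is not part of this thread: run it on the front-end server and it probes the TCP listeners behind each protocol in the access rule above against the internal DC/back-end. `$BackEnd` is a placeholder for your DC/back-end name; the port numbers are the standard well-known assignments for the listed protocols, and the UDP-only protocols and RPC dynamic ports are deliberately left to the ISA log rather than guessed at.

```powershell
# Added troubleshooting script (not from the thread). Run on the front-end server in the DMZ.
$BackEnd = 'dc01.internal.example'   # placeholder: internal DC / Exchange back-end server

# First confirm the DMZ host can resolve the back-end at all (DNS is in the rule).
try {
    $dns = Resolve-DnsName -Name $BackEnd -ErrorAction Stop
    Write-Host "DNS: $BackEnd -> $($dns.IPAddress -join ', ')"
} catch {
    Write-Warning "DNS resolution of $BackEnd failed: $($_.Exception.Message)"
}

# TCP listeners behind the protocols in the DMZ -> Internal access rule.
$TcpChecks = @(
    @{ Name = 'SMTP';                Port = 25   }
    @{ Name = 'DNS (TCP)';           Port = 53   }
    @{ Name = 'HTTP';                Port = 80   }
    @{ Name = 'Kerberos Sec (TCP)';  Port = 88   }
    @{ Name = 'RPC endpoint mapper'; Port = 135  }
    @{ Name = 'CIFS (NetBIOS)';      Port = 139  }
    @{ Name = 'LDAP';                Port = 389  }
    @{ Name = 'CIFS (SMB direct)';   Port = 445  }
    @{ Name = 'Link State Routing';  Port = 691  }
    @{ Name = 'LDAP (GC)';           Port = 3268 }
)

$results = foreach ($c in $TcpChecks) {
    $t = Test-NetConnection -ComputerName $BackEnd -Port $c.Port -WarningAction SilentlyContinue
    [pscustomobject]@{ Protocol = $c.Name; Port = $c.Port; Reachable = $t.TcpTestSucceeded }
}
$results | Format-Table -AutoSize

# Not covered by a TCP probe: NTP (UDP 123), Kerberos/LDAP over UDP, and the RPC
# dynamic ports negotiated via 135 that the information store relies on. For these,
# watch ISA's live log for Denied entries from this host while the store tries to start.
# Direct Push (SP2) runs the other way: back-end -> front-end, UDP 2883.
Write-Host "Next: filter the ISA log on source $env:COMPUTERNAME for Denied entries; allow UDP 2883 BE->FE for Direct Push."
```

Any protocol that shows `Reachable = False` is either not published correctly in the rule or blocked by the DMZ-to-Internal network rule; the Denied entries in the ISA log tell you which.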