• Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out


Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Web Publishing >> Web/Exchange/SharePoint/Server Page: [1]
Message << Older Topic   Newer Topic >>
Web/Exchange/SharePoint/Server - 29.Mar.2007 6:03:41 AM   


Posts: 158
Joined: 21.Mar.2005
From: England
Status: offline
I have a 'general' question which will apply to all kinds of server publishing so will just post the one thread here.
I am re-configuring our network to include a DMZ and an ISA 2006 server. Our ISP have provided us with a managed Cisco 2811 router, which has hardware DMZ built-in.
I need to have protected web areas for user logons and would like to tie this in with our AD. So the plan is to have ISA in the DMZ, which will then publish servers on the LAN side to external clients. I will be using Path Redirection from one single domain (as we are a school and kids have enough trouble remembering passwords, let alone understanding sub-domains!)
My questions though, are:
I would like to use https: for Exchange and SharePoint - what it the process of configuring ISA to redirect http://www.domain.com/mail to https://server1/owa and http://www.domain.com/sharepoint to https://server2/sharepoint etc
How do I configure SSO for all internal domains
There's other things i'm sure, but won't know these until the server is up and running.
Thanks very much/...


Where there's will, there's always a way!
Post #: 1
RE: Web/Exchange/SharePoint/Server - 9.Apr.2007 10:13:59 AM   


Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
The ISA Firewall is a network firewall, so this design really isn't appropriate. Why? Because the ISA Firewall needs to be an inline device between the Internet and the devices that are being protected. From what I see here, its quite simple to bypass the ISA Firewall.

Put the ISA Firewall behind the router and then create anonymous and authenticated access DMZs as required. Analyze your security zones and put hosts in the appropriate security zone that is segregated by the ISA Firewall.

There are articles on this site on how to do this.



Thomas W Shinder, M.D.

(in reply to ldoodle)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Web Publishing >> Web/Exchange/SharePoint/Server Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts