BE/FE exchange Via ISA (Full Version)

All Forums >> [ISA Server 2000 General] >> Server Publishing



Message


jinkostas -> BE/FE exchange Via ISA (8.Feb.2002 5:46:00 PM)

Hello everybody....Tell me plz if this is possible

Here is my question

I have the following network

ISA Server 194.219.22.2 --->Real Ip
192.168.1.1 ---->Fake Ip
and i publish the QWA on ISA Server from a server that has the followin IP 192.168.1.30 and it is the FrontEnd Exchange server

Both Servers are on the same Domain and both are Windows 2000 Server...

Now i Setup an other isa server that is is gonna be between the FE and the BE exchange

2nd Isa Server
IP 1# 192.168.1.100
IP 2# 192.168.2.100

Back End Exchange ip 192.168.2.30 with gateway 192.168.2.100....

The Second isa server and the Backend Exchange server are also Windows 2000 Server BUT
the log on ON A DIFFERENT domain

I dont have a great knowledge about Exchange Server and i read here on isaserver.org that i have to use a VPN connection ( probably vpn dial-up etc..) but i think that the FE and the BE must be on the Same AD.. isnt that right???

Thanks in advance

I am very comfused




ConsoleH -> RE: BE/FE exchange Via ISA (8.Feb.2002 8:30:00 PM)

jinkostas

I know what you are trying to do, An yes in order for FE/BE topology to work both server must be on the same domain.
What You are really trying to do is to Create Microsoft's Exchange 200 server Front-End and Back-End Topology where you have an inner firewall then a Front end exchange server and then an outter firewall then a back end exchange.
For more info go to
http://www.microsoft.com/Exchange/techinfo/deployment/2000/E2KFrontBack.asp

I know this because I was persuing this topology too, but After a lot of problems I desided to use a diferrent approch. The topology you are trying to do really doesn't work well in the production environment. I suggest that you do what i did and put both FE and BE exchange server behind the ISA server and then Publish then FE exchange server.
But if you really want to try to do the FE/BE topology here are a few articles by Tom that helped me:

Read this one on how to create your DMZ by Tom the man
ISA Server DMZ Scenarios
http://www.isaserver.org/shinder/tutorials/dmz_scenarios.htm

Then read this one to see how to configure Publishing Exchange 2000 Outlook Web Access with ISA Server
http://www.isaserver.org/shinder/tutorials/publishing_excahnge2000_outlook_web_access .htm

Read this one to allow the Front End Exchange server to communicate with your internal network
I think this is what you were looking for since what you are really tring to achive is to allow the Front End Exchange Server be part of the internal domain and to be able to acces your internal Active directory and Global catalog event though it is in front of the Firewall or ISA
Allowing Intradomain Communications Through an ISA Server
http://www.isaserver.org/shinder/tutorials/intradomain_communications.htm

[ February 08, 2002, 08:37 PM: Message edited by: ConsoleH ]




jinkostas -> RE: BE/FE exchange Via ISA (11.Feb.2002 9:15:00 AM)

Thanks for the reply...

But i read all the time about "the best way is to make a connection between FE/BE is with vpn"

What network topology u have to make to make the vpn work???

i dont know probably Dr. Thomas W. Shinder will give as a detailed answer...

because if you have an ISA Server with real IP and publish the OWA on the FE exchange it is ok... i van understand it but the connection between a FE/BE when the ISA server is on the way and they are in a different Domain... how the VPN will help.. when the vpn call that you make has usernem/password from the other domain and the BE is on a differnet domain than the FE

Sorry if i confused but believe me i am to....




Page: [1]