March 16, 2008

Publishing of Exchange

When you publish an internal Exchange front-end server through ISA Server 2006, you are protecting the Web server from direct external access because the name and IP address of the server are not accessible to the user. The user accesses the ISA Server computer, which then forwards the request to the internal Web server according to the conditions of your Web server publishing rule. An Exchange Web client access publishing rule is a Web publishing rule that contains default settings appropriate to Exchange Web client access

Procedure for publishing Exchange
  1. In the console tree of ISA Server Management, click Firewall Policy
  2. On the Tasks tab, click Publish Exchange Web Client Access.
  3. Type a name for the rule. For example, type Exchange Web Client Publishing.
  4. Select the proper version of Exchange.
  5. Select Publish a single Web site or load balancer.
  6. Select Use SSL to connect to the published Web server or server farm
  7. Type the internal FQDN of the Exchange front-end server.
  8. Type the domain name that you want ISA Server to accept the connection.
  9. Select the Web listener you created previously
  10. Select Basic authentication.
  11. Select the user set approved to access this rule
  12. Review the selected settings, and click Back to make changes and Finish to complete the wizard
Procedure for creating Web Listener

  1. In the console tree of ISA Server Management, click Firewall Policy
  2. On the Toolbox tab, click Network Objects, click New, and then select Web Listener
  3. Type a name for the Web listener
  4. Select Require SSL secured connections with clients.
  5. Select the External network.Check box should be selected (default).Click Select IP Addresses.
  6. Select Specified IP addresses on the ISA Server computer in the selected network.
  7. Select Assign a certificate for each IP address.Select the IP address you just selected and click Select Certificate
  8. Select the certificate that you just installed on the ISA Server computer
  9. Select HTML Form Authentication for forms-based authentication and select the appropriate method that ISA Server will use to validate the client's credentials.
  10. Leave the default setting to enable SSO
  11. Review the selected settings, and click Back to make changes or Finish to complete the wizard.

Configuration of ISA server 2006 in a Single NIC

When you install ISA Server on a computer with a single network adapter, ISA Server is only aware of two networks: the Local Host network that represents the ISA Server computer itself, and the Internal network, which includes all unicast Internet Protocol (IP) addresses that are not part of the Local Host network. In this configuration, when an internal client browses the Internet, ISA Server sees the source and destination addresses of the Web request as belonging to the Internal network.

Configure ISA Server Network Template
  1. In ISA Server Management, expand the Configuration node, and then click Networks.
  2. On the Templates tab, click the Single Network Adapter template
  3. On the Welcome page of the Network Template Wizard, click Next.
  4. On the Export the ISA Server Configuration page, click Export to export your current configuration before applying the Single Network Adapter template. Then click Next.
  5. On the Internal Network IP Addresses page, specify settings for the Internal network. Then click Next
  6. On the Select a Firewall Policy page, click Apply default Web proxying and caching configuration, and then click Next
  7. Check the settings for the new template, and click Finish to complete the wizard.
  8. In ISA Server Management, click Apply to save the new settings.
Following things are supported in Single network configuration
  • Forward Web proxy and caching
  • Web publishing and Outlook Web Access Publishing