Here is the link to the FE/BE topology guide. It has scenarios exactly as you want, with ISA in front of OWA, but they are going to want you putting the FE on your internal network behind ISA. http://www.microsoft.com/downloads/details.aspx?familyid=E64666FC-42B7-4 8A1-AB85-3C8327D77B70&displaylang=en
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jim Blunt Sent: Tuesday, March 06, 2007 4:30 PM To: Exchange Discussions Subject: Re: Cannot Install OWA 2003 I agree that the way you want us to do this is the best way, and it's what I've been arguing for, for years. Do you have any white papers or KB articles that you can send without too much work? Jim On 3/6/07, Jim Blunt <[EMAIL PROTECTED]> wrote: > Ed, > > I understand WHAT it you want us to do, I guess I just don't > understand HOW to do it. > > Our network architect is telling me, "With our current ISA Server > 2004, I only have the ability to proxy each port a single time. > Because ports 80 and 443 are already being proxied to the external web > server in the DMZ, I can't proxy the same ports to a different server > inside the firewall. To do that, I'd have to install a whole new > firewall. Instead, we should just install the new OWA on the external > web server where it's been for several years. We are no worse off or > less protected than we are now." > > What do you think? > > On 3/6/07, Ed Crowley [MVP] <[EMAIL PROTECTED]> wrote: > > After a reread of your question, I strongly advise you to reconsider doing > > that. Move the front-end server inside your intranet and use IIS or a web > > publishing appliance to proxy for your OWA and RPC over HTTPS clients. To > > install a front-end in your DMZ you must have a whole slew of dangerous > > ports open on your inside firewall making it like Swiss cheese. Putting a > > front-end server in a DMZ is tantamount to militarizing it. > > > > Ed Crowley MCSE+Internet MVP > > Time Magazine's Person of the Year! > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Jim Blunt > > Sent: Tuesday, March 06, 2007 12:20 PM > > To: Exchange Discussions > > Subject: Cannot Install OWA 2003 > > > > Scenario: > > o 1 Front-end in the DMZ > > o 1 SMTP Bridgehead server > > o 1 Mailbox server (~950 Mailbox-enabled users) > > > > Environment: > > o Exchange 2003 Enterprise, SP2 (native) on Windows 2003 Enterprise, > > SP1 in a Windows 2003 Native AD > > o Outlook 2003, SP2 on client end > > o SMTP Bridgehead server is running Symantec Mail Security for Microsoft > > Exchange, version 5.0.4.363. It also runs the AV console for administering > > the AV on the mailbox server, handles the encryption services in and out of > > the domain, and is the OWA Admin server. > > > > Problem: > > I'm trying to actually install the Exchange software on the FE and designate > > it as such, but when I do that, I get the following error message from the > > install application: > > > > "You must have write access to the local registry and the > > Remote Registry Service must be started" > > > > I have looked at the permissions on the server and I have full permissions. > > I have opened reged32 and given myself explicit Full Control to the HKLM > > registry hive. I have rebooted the machine three times. The SMTP, NNTP, > > IIS, WWW and Remote Registry services are all running. > > > > I have Googled and can't find anything. > > > > Anyone got any ideas? > > > > Jim Blunt > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange > > To subscribe: http://e-newsletters.internet.com/discussionlists.html/ > > To unsubscribe send a blank email to > > [EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange > > To subscribe: http://e-newsletters.internet.com/discussionlists.html/ > > To unsubscribe send a blank email to [EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
