We do similar using MS Hyper-V. with no problems. In fact we have two, separated by DCs, and let Akamai load balance the inbound hits to OWA/ActiveSync/Autodiscover...but we did have some serious fun with the certificates.
D From: James Hill [mailto:[email protected]] Sent: Tuesday, October 20, 2009 3:48 AM To: MS-Exchange Admin Issues Subject: RE: ISA and CAS server We are running a similar setup here with no issues. ISA 2006 on VMWARE sitting in the DMZ. We do have two nics though. One connected to the DMZ and the other to the internal network. So traffic inbound goes:- Firewall - > ISA -> CAS http://technet.microsoft.com/en-us/library/bb794854.aspx has a walkthrough. From: Rob Bonfiglio [mailto:[email protected]] Sent: 19 October 2009 19:10 To: MS-Exchange Admin Issues Subject: ISA and CAS server I wanted to get others' opinions on this. We want to give OWA access to our users via a server in the DMZ. It has to allow for smart card authentication. What I'm reading is that the correct way to do this is with ISA in the DMZ. Initially I had planned on putting the server on a Hyper-V VM, but I'm wondering how well an ISA server will run in a VM. Has anyone done this? Also, since this is really just acting as a proxy, I should only need one NIC in the box, right? We are not going to use this as a firewall. I was reading through instructions on how to accomplish this here: http://thedigitalpostman.blogspot.com/2009/07/cac-enabled-login.html Any thoughts or suggestions would be greatly appreciate. Thanks! Rob
