If you have a linux server running apache in the DMZ you can use
mod_proxy to proxy requests into the trusted/internal network.
You just need an access list allowing the linux box to connect to OWA on
the backend machine.
Thats the way we have it set up and it seems to work perfectly..
Andy.
Randy Hall wrote:
We have been using OWA2000 for a few years now. The front end server sits in a
DMZ and communicates to the backend server with a very painfully developed
access list. In addition, you need two factor authentication to even get to
the login screen.
I recently attended a Microsoft presentation of the new architecture of Outlook
2007. The one thing that stuck out to me was that you can no longer put the
front end server in a DMZ. It has to be on the internal network. The
recommended way to publish OWA is ISA2006.
I don't currently have ISA2006 anywhere in my network and we are a very heavy
Cisco shop. What options do I have for publishing OWA? Purchasing ISA2006 for
this one application seems a bit overkill.
Any help or guidance would be appreciated. Google turns up lots of hits for
doing this with ISA but doesn't give any alternative.
Randy Hall - Sr. Security Engineer - CISSP
The Virginian Pilot - (757) 446-2754
