Publish all exchange roles on one TMG listener


I have had a few requests for publishing everything on one listener, so here is it (this is an addendum to the rest of the articles not a re-write)

OA\EWS and OAB should be able to use the form based listener because it is supposed to change to basic, this is based on information provided by outlook when connecting. (it doesn’t always work but here is how to make it)

To make this work every time here are the steps:

  1. Publish OWA using the following article.
    http://exchangemaster.wordpress.com/2010/04/09/publish-exchange-2010-with-tmg-forefront-threat-management-gateway/
  2. Publish OA\EWS\OAB using the this article

NOTE: This Method moves the authentication from the TMG to the Exchange server eliminating Pre-authentication for Outlook Anywhere.
This will also work for publishing ADFS 2.0 for Office 365 using a single listener (Coming Soon)

Configure Outlook anywhere rule on TMG

  1. Open Forefront TMG
  2. Click on image_thumb5[1]
  3. In the Action Pane under Task click image_thumb6[1]
  4. Give the rule a Name ill name mine “2010 OA”
  5. image
  6. Next –> Next
  7. image_thumb8[1]
  8. Internal Site Name should be your CAS server FQDN (needs to be on the cert)
  9. image_thumb9[1]
  10. The external name is what you use to access OA (Also needs to be on the cert)
  11. image
  12. Click –> Next –> Finish –> Select the Listener. (Choose the OWA listener you created before)

  13. This step moves the auth from the TMG server and moves it to the Exchange
  14. image
  15. Modify the User set to include “all users” and remove “all authenticated users”.
  16. clip_image002
  17. You may get the following error you can click ok and ignore it. (Do not check require users to authenticate check box on the listener or this method will not work)
  18. clip_image002[5]
  19. Finish
  20. Now Outlook anywhere is published using the same listener as OWA! (Albeit without pre-auth)
About these ads

4 thoughts on “Publish all exchange roles on one TMG listener

  1. Pingback: Walkthrough Series: Threat Management Gateway Exchange publishing « Troubleshooting Exchange

  2. Hello,
    This same setup can be done for EAS, right?

    On the exchange server we only need to change OWA y ECP to be as windows authentication. The rest can stay like they are?

    I’m trying to avoid the use of a second TMG on my network.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s