Walkthrough on publishing all roles through TMG. (Part 4/4 SMTP)
This assumes:
- you have a MX record pointed to a name that points to the external IP of your TMG
- You have already configure your exchange to allow anonymous access on the receive connector
Configure SMTP rule on TMG
- Open Forefront TMG
- Click on
- In the Action Pane under Task click
- Enter your Transport Server internal IP
- You should now be able to send mail through your TMG to your Exchange.
Publish Exchange 2010 with TMG (Forefront Threat Management Gateway) Series:
1. OWA
2. EWS\Outlook anywhere
3. Active sync
4. SMTP
Pingback: Publish Exchange 2010 with TMG (Forefront Threat Management Gateway) « Troubleshooting Exchange
Pingback: Publish Exchange 2010 with TMG (cont) « Troubleshooting Exchange
Hi,
Nice step by step howto here.
Would you have the same for a back to back TMG config.
I’m looking for that since Exchange 2010 is available but cannot find any. My server can send and receive emails but OWA nor ActiveSync are working since the Exchange 2007/ISA 2006 to Exchange 2010/TMG migration.
Thanks.
So you would like a walkthrough on a config like
Excha2010 -> TMG-BE->TMG-FE->internet ?
yeah I can work on that and get it out, probably wont have it done this week but I can publish that.
Hi,
Yes, that’s exactly it.
Publishing Rules and Authentications for the rules, the listeners and IIS if you don’t mind.
On a side note, I noticed that you have two listeners with a different authentication.
With B2B ISA 2006/Exchange 2k7, I used to have only one listener per firewall.
Is that a TMG change or Exchange 2010?
Finally, I have only one public address, is that not going to be an issue if 2 listeners have to be used? Obviously, I need to add an external NIC so I guess the routing has to be changed on TMG as well…
Thanks for your upcomming howto.
Regards,
The 2 listeners are for the purpose of having 2 authentication methods, if you are content to use basic auth then 1 listener is adiquate.
If you want multiple auth methods you need multiple listeners an IPs to go with it
I will get that posted as soon as i can. Cheers
I have been out of pocket this last week, I will get started on this next module next week (no promise on compleation, I do still have to do my day job 😉 but I will get started)
Hi Jedi,
Had any chance to look at the back to back fw configs yet?
Regards,
I have the environment replicated so i can provide the walkthrough, i have had limited time this week however.
If all goes well i should have a post next week on it
nice. thanks
Pingback: Walkthrough Series: Threat Management Gateway Exchange publishing « Troubleshooting Exchange
If you are using multiple IP’s at the perimeter, how are you setting up DNS or getting traffic routed to two different IPs for owa on one and OA/EAS on the other?
I assume autodiscover would use the same listener as OA/EAS?
Its all about name space, example for autodiscover, activesync and ewe you can use a autodiscover.domain.com or oa.domain.com and then use webmail or mail.domain.com for owa.