Forum Discussion
Blanket_140040
Nimbostratus
NimbostratusExchange 2010 - Using a VIP on the LAN and on the DMZ
Hey all, One area that I am a little confused on is iApps and Exchange 2010 in the area of having a VIP in the DMZ and in the LAN to support both inside and external users. The VIP's will be different, but they will both point to the same internal servers for the same resources (OWA/ECP/ActiveSync/Autodiscover,etc).
From a routing view it would look like this for outside users needing OWA/ActiveSync:
internet - FW - LTM (DMZ interface) - LAN - mail servers
For users inside, they would go to the VIP of the LAN interface of the LTM and then go to the mail servers (mainly for the CAS Array).
I think this is workable and should work, but its not very clear from any documentation that I have been reading.
Many Thanks!
Hi Blanket,
Yes it should work. You'll just need to deploy 2 instances of the Exchange iApp, one for the DMZ and another for internal, and make sure they're listening on only the DMZ and internal VLANs, respectively.
Mike
Hi Blanket,
Yes it should work. You'll just need to deploy 2 instances of the Exchange iApp, one for the DMZ and another for internal, and make sure they're listening on only the DMZ and internal VLANs, respectively.
Mike
Blanket_140040Good deal and thanks for the insight! So we would run iApp twice then correct?- Correct, create an application service for each zone you're publishing in.