Publishing Exchange Server 2013 using TMG

re: Publishing Exchange Server 2013 using TMG

duddit2 — Fri, 18 Jan 2013 09:17:44 GMT

EAS Virtual directory set for basic auth, Auth delegation on the publishing rule set to basic, using same listener as OWA rule which is working fine and publishing the same web farm (the 2 exchange servers).

Autodiscover is set correctly as far as I can tell, but this is one of the main differences between OWA and EAS so this could be at fault I suppose.

re: Publishing Exchange Server 2013 using TMG

duddit2 — Fri, 18 Jan 2013 09:06:53 GMT

Oh also when looking at logging on TMG while trying to connect, I see the allowed connection but it gets a 403 unauthorised message. Same as the analyser tool.

re: Publishing Exchange Server 2013 using TMG

duddit2 — Fri, 18 Jan 2013 09:05:13 GMT

I have just setup exchange 2013 and am trying to publish OWA.EAS and Outlook anywhere via TMG 2010 fully patched.

TMG is setup as back firewall, the edge has its own firewall.

It goes like this:

Internet

Edge firewall (NAT)

DMZ (192.168.xxx.0/24) - perimeter

TMG (dual nic, one in DMZ and one in LAN)

Exchange 2013 servers (2 x servers running all services setup as DAG)

The routing between perimeter and lan is a route and not NAT, OWA on the exchange boxes is basic auth and this simply worked out of the box, no changes needed, but I cant get EAS or Outlook anywhere to work.

When I test using exchange connectivity analyser for EAS, it fails on the options command - the error clearly shows the internal URL of one of the exchange servers but the port number has been changed to 444.

On the exchange box there is a exchange backend website and this is bound to port 444, but the real client access is using the default website and is bound to port 443 with the correct certs setup.

Anyone have any ideas?

re: Publishing Exchange Server 2013 using TMG

CS — Tue, 04 Dec 2012 01:02:32 GMT

Greg,

If KDC will not be supported, is there a way to integrate Certificate Authentication on TMGs for Exchange 2013?

Regards,

re: Publishing Exchange Server 2013 using TMG

Astrid McClean MSFT — Thu, 29 Nov 2012 00:33:32 GMT

@Jet Microsoft's Cloud Anti-Spam solution is Forefront Online Protection for Exchange (FOPE) and the next release will be known as Exchange Online Protection. A previous article explains the new product - blogs.technet.com/.../exchange-online-protection-a-premium-protection-and-policy-service-for-email.aspx

re: Publishing Exchange Server 2013 using TMG

Jet — Tue, 27 Nov 2012 11:03:05 GMT

According to what I know the Edge role completely disappear with this version.

So where should we put the Antispam Server in an Exchange 13 architecture ?

Is Microsoft going to provide a solution (Cloud or Software) ?

re: Publishing Exchange Server 2013 using TMG

Cory Wood — Mon, 26 Nov 2012 15:20:00 GMT

Greg - I just verified that pre-auth is set up. The rule is using Basic authentication delegation. The listener is using FBA and Windows (Active Directory) as the Authentication Validation Method.

-Cory

re: Publishing Exchange Server 2013 using TMG

WeetA — Mon, 26 Nov 2012 08:33:30 GMT

@Greg, it's not so simple

No button with:

Bonjour,

Comment ca va ?

123 Fifth Avenue, Kirkland, WA 98033

but the button is present with:

Hello,

Comment ca va ?

123 Fifth Avenue, Kirkland, WA 98033

re: Publishing Exchange Server 2013 using TMG

WeetA — Mon, 26 Nov 2012 08:24:17 GMT

@Greg

well, i found something strange.

Bing maps button doesn't appear in OWA when the body is:

Comment ca va ?

123 Fifth Avenue, Kirkland, WA 98033

but it appears when the body is:

Ca va ?

123 Fifth Avenue, Kirkland, WA 98033

It doesn't appear too when the body is:

123 Fifth Avenue, Kirkland, WA 98033

Comment tu te sens aujourd'hui ?

It seems that the word Comment (translated from French to "How") cause the problem.

Can you test on your environment ?

Thx

re: Publishing Exchange Server 2013 using TMG

WeetA — Mon, 26 Nov 2012 07:41:42 GMT

@Greg, yes web apps are enabled.