
OWA in DMZ and Server within LAN

Author
9 Apr 2005 6:45 AM
Maki
I want to set up OWA in the DMZ. I already have Exchange Server 2003 behind
the firewall, within the local network.

1. I've set up Server 2003 on one server and now I want to install OWA on it
(this will be the server in the DMZ).  Is OWA the only thing I have to install on
this server or do I have to reinstall the entire Exchange 2003 on it again?

2. Does the OWA server communicate with the Exchange server?  In the sense,
if a user gets to the OWA web interface from home, is his request sent to the
Exchange server and then the Exchange server opens the requested email? Is
that how this thing works?

3. If what I said in number 2 is correct, do I then have to also open some
port or make a link in the firewall setting so as to enable the Exchange server to
talk to the OWA server?

I'm new to this, and if there are also any articles that would help me set
it up (from a server and Cisco network equipment perspective), please do let me
know.

Hope you guys can help me.

Regards

Author
9 Apr 2005 7:27 AM
Mark Arnold [MVP]
On Fri, 8 Apr 2005 23:45:03 -0700, "Maki"
<M***@discussions.microsoft.com> wrote:

>I want to set up OWA in the DMZ. I already have Exchange Server 2003 behind
>the firewall, within the local network.
>
>1. I've set up Server 2003 on one server and now I want to install OWA on it
>(this will be the server in the DMZ).  Is OWA the only thing I have to install on
>this server or do I have to reinstall the entire Exchange 2003 on it again?

OWA (an Exchange 2003 Front End Server) in a DMZ is not a recommended
configuration.

>
>2. Does the OWA server communicate with the Exchange server?  In the sense,
>if a user gets to the OWA web interface from home, is his request sent to the
>Exchange server and then the Exchange server opens the requested email? Is
>that how this thing works?

The FE server proxies the requests. The BE is the one that does all
the hard work.

>
>3. If what I said in number 2 is correct, do I then have to also open some
>port or make a link in the firewall setting so as to enable the Exchange server to
>talk to the OWA server?

In the configuration you propose you will need to open a large number
of ports from the DMZ to the LAN. From the Internet to the DMZ all you
need is TCP 443.

See this:
http://www.microsoft.com/technet/prodtechnol/exchange/2003/library/febetop.mspx
It will give you an overview of why your proposal is not ideal and
what you can do as an alternative. It tells you all the ports you need
in all the scenarios described.

Author
11 Apr 2005 12:34 PM
maki
Mark,
Many thanks for the reply. 
I've read about how it is better to have ISA running in the DMZ and
authenticating users.
My friends, though, have told me that in their organization, using Server
2000, they've always used the OWA in the DMZ, while the actual Exchange would
be in the LAN.  The OWA in the DMZ would not be a proper Exchange server, but
a server that only has OWA.  I'm actually trying to install OWA only on a
Windows 2003 server, but cannot seem to find the installation option for it
in the Exchange install program!

Anyhow, I don't have an ISA (nor the funds to get it now), hence the reason
why I'm asking about OWA for now.


Author
11 Apr 2005 5:46 PM
Mark Arnold [MVP]
On Mon, 11 Apr 2005 05:34:02 -0700, "maki"
<m***@discussions.microsoft.com> wrote:

>Mark,
>Many thanks for the reply. 
>I've read about how it is better to have ISA running in the DMZ and
>authenticating users.
>My friends, though, have told me that in their organization, using Server
>2000, they've always used the OWA in the DMZ, while the actual Exchange would
>be in the LAN.  The OWA in the DMZ would not be a proper Exchange server, but
>a server that only has OWA.  I'm actually trying to install OWA only on a
>Windows 2003 server, but cannot seem to find the installation option for it
>in the Exchange install program!
>
>Anyhow, I don't have an ISA (nor the funds to get it now), hence the reason
>why I'm asking about OWA for now.
>

Well, it's not pretty, not recommended and not a good idea; but if you
absolutely have to then the link in my original post gives you all the
settings you need to open the link between the DMZ and the LAN.
Author
12 Apr 2005 5:23 AM
maki
Hi Mark,

Thanks again for replying.

I've looked through some other posts and have also been told that it is not
possible to install OWA on a separate standalone server (with IIS) in
Exchange 2003 and that some virtual servers have to be set up on the actual
Exchange server...

Is this true?

Author
14 Apr 2005 9:09 AM
Mark Arnold [MVP]
On Mon, 11 Apr 2005 22:23:02 -0700, maki wrote:

> Hi Mark,
>
> Thanks again for replying.
>
> I've looked through some other posts and have also been told that it is not
> possible to install OWA on a separate standalone server (with IIS) in
> Exchange 2003 and that some virtual servers have to be set up on the actual
> Exchange server...
>
> Is this true?
>
Yes, you must install a full Exchange installation and then make it a Front
End server.