Forefront TMG has now been discontinued and a replacement will have to be found sooner or later. There are now several manufacturers who are filling the gap left by Forefront TMG. I will test some promising solutions and publish a howto for each of them. Finally, there will be an article comparing the solutions and listing the pros and cons from my point of view. So much for the plan.
I have therefore created a standard test environment that I will use for all solutions. The test environment has a relatively simple structure:
There is a Windows Server 2012 R2 with the name DC1 on which the Domain Controller role and Outlook 2013 are installed. Exchange 2013 is also installed on Server 2012 R2. The Exchange servers have the names EX1 and EX2. This is always the starting point for all solutions.
I defined a few evaluation criteria in advance in order to be able to draw a conclusion later. Mind you, these are my own criteria, which probably say little about the quality of the individual products. But more on that later.
This article is about IIS and the Application Request Routing (ARR) feature, which is basically a reverse proxy to publish web applications. ARR is supported on Server 2012, the server does not have to be an AD member and can be placed in the DMZ.
So I rebuilt my existing test environment and installed a Server 2012 with IIS
Thanks to the web platform installer, ARR can also be installed quickly
So you can start with the configuration. First, a certificate must be bound to the "Default Website" in the IIS:
A new server farm can now be created
The farm name corresponds to the external access name, in my case "outlook.frankysweb.de"
In the next step, the two Exchange servers are added as members of the farm
The URL rewriting rules can be created automatically
You will then find a new farm in the IIS Manager, which still needs to be configured. The "Disk Cache" is switched off under "Caching".
Under "Health Test", the URL is entered using ARR to check the availability of the services. "https:///owa/healthcheck.htm" is entered as the URL. A check interval of 10 seconds should be sufficient. The status code is set to 200.
Click on "Verify URL Test" to check whether both servers are responding
The status of the Exchange Server can now be viewed under "Monitoring and Management". If the "Health Status" column contains the value "Unknown", simply surf to the page once and the corresponding process will be started.
Under "Routing Rules", "SSL Offloading" must still be switched off
That was all.
You could now create a new web farm for Autodiscover, but I don't need that for my test right now. In principle, ARR does exactly what it is supposed to do, load balancing and reverse proxy. So far so good.
I will do my usual tests and maintain my spreadsheet.
Hallo Geniale Anleitung.
OWA funktioniert bei mir!
Leider bekomme ich Active Sync nicht zum laufen.
Hast du eine Idee warum sich Outlook nicht verbinden will?
Hallo Frank,
ich habe aktuell ein Projekt allerdings mit Sharepoint, wo sich die User am Web Application Server der ja seit der R2 Version zur Verfügung steht über ADFS authentifizieren.
Kannst du diesen in deinen Test eventuell auch für Exchange berücksichtigen ?
Ich denke das dieses Feature einige andere auch Interessieren könnte.
Gruß
Dennis