Exchange Server 2007 SP1 on ISA Server 2006 architecture

Hi there, I would like to share my experience of setting up Exchange Server 2007 with the following existing servers:

  • ISA Server 2006 SP1
  • Edge Transport Server – Exchange Server 2007 SP1
  • Hub Transport, Mailbox, and Client Access Server – Exchange Server 2007 SP1
  • Active Directory
  • DNS Server

The setup looks like the diagrams below:

Figure 1: Exchange 2007 & ISA Server 2006

Figure 2: DNS flow

Figure 1 and Figure 2 show which ports must be allowed for email to be received and sent.

On my setup:

  • ISA Server is a member of a domain (joined domain)
  • Edge Server is NOT a domain member – On Windows Server 2003 I used ADAM (Active Directory Application Mode) as the Edge server’s LDAP directory. That is why Figure 1 opens ports 50636 and 50389, so the Edge server can be reached over secure LDAP (LDAPS).
  • DNS server integrated with Active Directory
  • Public DNS using the domain hosting provider – creating the MX records and resolving the domain, for example,
  • Publishing a Firewall Policy – SMTP (TCP 25) must be allowed between the DMZ and Internal networks; in the figure this is between the Hub Transport server (netoverme-exc) and the Edge server (netoverme-edge). The same port must also be allowed outbound from the Edge server to the External network (by creating a firewall access rule) and inbound from External to the Edge server (by publishing the SMTP server).
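To verify that the ISA rules actually match the port list above, a small reachability audit is handy after each policy change. The script below is an added example, not part of the original post and not an ISA Server or Exchange tool. It assumes it is run from the Hub Transport server (the Internal network) against the post’s own hostnames (netoverme-edge, netoverme-exc); the External vantage list and the “should be closed” entries are assumptions derived from the post publishing only the Edge server, and `mail.example.com` is a placeholder for the public MX name.

```python
"""Port-reachability audit for the Exchange 2007 / ISA Server 2006 layout.

Added example (not from the original post). Hostnames netoverme-edge and
netoverme-exc come from the post; everything else below is an assumption.
"""
import socket
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    description: str
    host: str
    port: int
    should_be_open: bool  # what the ISA policy is supposed to permit


# Flows the post says must be open from the Internal network (Hub Transport)
# towards the Edge server in the DMZ: SMTP plus the two ADAM/LDAP ports.
EXPECTED_FROM_INTERNAL = [
    Flow("Hub Transport -> Edge SMTP", "netoverme-edge", 25, True),
    Flow("Hub Transport -> Edge secure LDAP (ADAM)", "netoverme-edge", 50636, True),
    Flow("Hub Transport -> Edge LDAP (ADAM)", "netoverme-edge", 50389, True),
]

# Flows as seen from the External network. Only the Edge server is published
# for SMTP, so the Hub Transport server and the ADAM ports are ASSUMED closed.
EXPECTED_FROM_EXTERNAL = [
    Flow("Internet -> Edge SMTP (published)", "mail.example.com", 25, True),
    Flow("Internet -> Hub Transport SMTP", "netoverme-exc", 25, False),
    Flow("Internet -> Edge secure LDAP", "mail.example.com", 50636, False),
]


def check_tcp_port(host: str, port: int, timeout: float = 3.0) -> bool:
    """Return True if a TCP connection to host:port completes within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, filtered (timeout) or unresolvable name
        return False


def audit(flows, probe=check_tcp_port):
    """Probe each flow and return (flow, observed_open, ok) tuples.

    ok is False when the observed state contradicts the policy expectation,
    in either direction (an expected-open port that is blocked breaks mail
    flow; an expected-closed port that answers is an exposure).
    """
    results = []
    for flow in flows:
        observed = probe(flow.host, flow.port)
        results.append((flow, observed, observed == flow.should_be_open))
    return results


def findings(results):
    """Human-readable lines for the mismatches only."""
    lines = []
    for flow, observed, ok in results:
        if not ok:
            state = "open" if observed else "closed"
            want = "open" if flow.should_be_open else "closed"
            lines.append(f"{flow.description}: {flow.host}:{flow.port} is {state}, expected {want}")
    return lines


def local_listener():
    """Open a listening socket on an ephemeral loopback port so the probe can
    be exercised offline; the caller closes the returned socket."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    return srv, srv.getsockname()[1]


if __name__ == "__main__":
    # Run this on the Hub Transport server; swap in EXPECTED_FROM_EXTERNAL
    # when running from a host outside the firewall.
    report = findings(audit(EXPECTED_FROM_INTERNAL))
    print("\n".join(report) if report else "all flows match the policy")
```

A name that does not resolve is reported as closed, so check DNS (Figure 2) before reading a “closed, expected open” line as a firewall problem.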