Forum Discussion
2 Replies
i would run the iApp again, now with an external IP (if your F5 is connected the public IP space directly). you might also have different security requirements and such (ssl certificate) on the outside.
- Chase_AbbottEmployee
There's a few ways to do this but you don't have to create a new VIP or new application configuration. If you're not using APM to authenticate to Exchange, you can simply terminate your OWA external namespaces to whatever firewall you're using and forward it on to the internal namespace. Exchange handles the name conversions via the virtual directories so as long as it's aware of the internal and external names, you're ok. If you're using a single namespace then you can terminate the public IP wherever and forward traffic into the internal VIP.
My last Exchange build using two namespaces (no DNS hair pins) I terminated the public OWA name at the firewall and forwarded traffic to the internal VIP directly. I did have to mess around with a few one-connect settings for esoteric clients but Exchange handled everything related to getting the users traffic to the proper MBX server.