Moving exchange server to DMZ

Status
Not open for further replies.

vurve

IS-IT--Management
Apr 6, 2001
6
US
Hello,

I am a newbie to Exchange and need some help regarding moving an existing Exchange server to the DMZ. The current setup is like this:

Our web hosting provider hosts our web site and provides mail service (POP3) for our company (abc.com). We have an internal LAN (192.168.1.0) on which we have a Dell server that is running Active Directory and Exchange (basically SBS 2000). The domain we are hosting on the Exchange server is called "internal.abc.com", and users on the LAN log onto the "INTERNAL" domain. The server name is server1.internal.abc.com. This server was initially set up just for calendar sharing. We want to set this up on the DMZ with a routable IP address so that it can be used to send and receive email. The users use Outlook 2000/2002 as the email client.

What are the changes that need to be done for the DNS (which new DNS records need to be added for this server)? Also, what are the security measures that I need to implement on this server before it is moved to the DMZ? How will users on the internal LAN connect to the AD and Exchange from across the firewall? What are the other things I need to consider for this move?

Thanks for all the help,

Vivek
 
Not sure why you would want this in a DMZ, but I suspect that you will have many more firewall issues than you will AD issues. For instance, all firewalls block broadcast messages, so when the Exchange server tries to authenticate the user as a domain user it will fail on the broadcast query to a domain controller.

I would just put the Exchange server behind the firewall. Use Exchange to resolve the MX records for outgoing mail and have your ISP create an MX record for incoming mail and do away with the POP3 relay to the ISP.
 
Hi egodette,

Thanks for your reply. If I keep the Exchange server inside the firewall, how will I set up the IP address for the server (right now it has a 192.168.1.xxx IP address)? I will have to set up a routable IP address for the Exchange server, right?

About the DNS records. So do I ask my ISP to create an MX record for "internal.abc.com" that points to the IP address of the Exchange server? Will I need some other DNS records (CNAME, A) that point to the FQDN of the Exchange server (server1.internal.coxygen.com)?

Thanks so much for your help regarding this.

Vivek
 