Exchange 2010 OWA publishing and redirection through TMG

Posted: January 12, 2011 in Exchange, TMG
Tags: , , , , , ,

If you are deploying Exchange 2010 and going to publish and redirect OWA through TMG you can follow the below instructions,

First I will start with OWA publishing rule,

Create a new Exchange web client access publishing rule,

0

Specify the internal FQDN of the published OWA site and server name or IP address

1

Type the public name of OWA site

6

Paths

7

Authentication Delegation

9

Users

10

=======================

The second part will be OWA redirection

Original Source, http://blogs.technet.com/b/sooraj-sec/archive/2010/01/11/owa-redirect.aspx

Another Source, http://tmgblog.richardhicks.com/2011/01/06/http-to-https-redirection-options-in-forefront-tmg-and-uag/

Many users want to use OWA without adding /owa in the OWA url e.g. if the complete URL is https://mail.corpa.com/owa they just want to type https://mail.corpa.com and want to access OWA by doing that. In order to get that to work we can configure a redirect rule on ISA server 2006 . Please refer to my earlier post about how to configure OWA http://blogs.technet.com/sooraj-sec/archive/2009/12/05/publishing-owa-on-isa-server-walk-through.aspx as I will refer to the OWA rule created there for OWA publishing. So I would assume that we have already configured OWA rule as per my link mentioned above and now we are ready to configure OWA redirect. First thing that we would do is to copy the OWA rule and paste it by doing ctrl+V on the firewall policy window of ISA MMC as shown below

and(don’t forget to apply the settings) then open the properties of this new rule which in this case is owa(1) you can rename it to OWA redirect or whatever name you want to give it. Then go to the “Action” tab of the rule properties and choose Deny and then check the redirect check box and enter the URL for OWA i.e. the actual one in this case it is https://mail.corpa.com/owa as shown below

then go to “Paths” tab as shown below

and remove the existing paths and add the paths shown above. Then we are ready for URL redirection from https://mail.corpa.com to https://mail.corpa.com/owa.

There are users who don’t  want to put “https” in the URL and just want to type “mail.corpa.com” and access OWA along with above mentioned requirement. This would be considered as http to https redirection.In order to achieve this http to https redirection we can configure our OWA listener to allow http to https redirection as shown below

as you can notice that we have checked box for http connections as well along with https and then chose option redirect all traffic from http to https.

By configuring our OWA redirect rule as shown above and our OWA listener as shown above a user shall be able to access OWA by typing “mail.corpa.com” in the browser.

Advertisements
Comments
  1. JP says:

    Hi,

    I’m trying to accomplish the similar setup, but the Wemail (OWA) should be reached op port 8443 instead of port 443. The Deny with redirect is unfortunately not working.
    Direct connect to the https://URL:8443/owa is working, but not https://URL:8443.
    Any suggestions how to get this setup to work?
    In both policies I use the same web listener.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s