RE: ISA 2004 Revese Proxy (not member in the domain) in the DMZ

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 10 Sep 2004 07:38:29 -0500

Hi Idan,
What are the reason for not making the ISA firewall a back end firewall?
Since that's what its really designed for, you should use it. Its like
buying a Ferrari and taking three wheels off because "it goes too fast".
Does a back end ISA firewall add "too much security" to the Checkpoint
Server solution you're using now?


From: Idan Plotnik [mailto:idan@xxxxxxxxxxxxxxx] 
Sent: Friday, September 10, 2004 5:47 AM
To: [ Discussion List]
Subject: [isalist] ISA 2004 Revese Proxy (not member in the domain) in
the DMZ


My scenario is ISA 2004 Reverse Proxy (not member in the domain) in the
DMZ for OWA 2000 publishing.

I work around these excellent articles by Thomas, but my infrastructure
is a little bit different.

I am using CheckPoint as my Front-End firewall and I located the ISA in
the DMZ, my is OWA 2000 is located in the inside LAN and I wanted to
know if its possible to publish the OWA in this infrastructure (that the
ISA is not part of the domain) and how the authentication works in this

My second question is where I need to put my SSL certificate for the
Bridging option.

Thanks a lot. 

List Archives:
ISA Server Newsletter:
ISA Server FAQ:
Other Internet Software Marketing Sites:
World of Windows Networking:
Leading Network Software Directory:
No.1 Exchange Server Resource Site:
Windows Security Resource Site:
Network Security Library:
Windows 2000/NT Fax Solutions:
You are currently subscribed to this Discussion List as:
To unsubscribe visit
Report abuse to listadmin@xxxxxxxxxxxxx 

Other related posts: