Configure ISA to Publish OWA

Daniel Petri

Jan 7, 2009

How can I configure Internet Security and Acceleration Server to publish OWA on an Internal Exchange Server?
The ISA Server allows for traditional mail server protocols (SMTP, POP3, IMAP4, and so on) to be published easily under the Server Publishing Rules node. However, no ISA Server wizard automates publishing an internal mail server that allows mail retrieval by using the Hypertext Transfer Protocol (HTTP).
This article assumes that the following prerequisites are in effect:

You are running ISA Server in firewall mode and there are at least two network interfaces.
Outlook Web Access (OWA) for Exchange Server 5.5 or Exchange 2000 Server is accepting HTTP requests within the internal network.

To configure ISA Server to allow external clients to access the internal OWA server, perform the following four steps:

Enable an HTTP listener on ISA Server:

In the ISA Management console, expand Servers and Arrays, right-click the ISA Server, and then click Properties.

Click the Incoming Web Requests tab, and then click Configure listeners individually per IP address.

Click Add, and click the ISA Server name in the list box in the Add/Edit Listeners dialog box. Enter the IP address that is assigned to one of the external network interface cards (NICs).

Click OK to close the dialog box, and then click OK again to save changes.

Create a destination set that can point the Web clients to the appropriate folders that are used by the OWA Web site:

Open the ISA Management console, expand the ISA Server-based server, and then click the Policy Elements section.
Expand the Policy Elements section, right-click the Destination Set folder, click New, and then click Set. You are prompted to name the new destination set; name the new destination set “OWA”.

In the Destination box, enter the Uniform Resource Locator (URL) that the external Web clients use to access OWA. This URL resolves the Internet Domain Name System (DNS) name to the external IP address on the ISA Server-based server.

Note: Do not include the “http://” or the “https://” portion of the URL in the Destination box.

In the Path box, type: /exchange*, and then click OK.
Repeat step d for the Exchweb and Public folders, adding the path for each as /exchweb* and /public* respectively.

Create a Web Publishing Rule:

Expand the ISA Server to the Publishing heading.
Under Publishing, right-click Web Publishing Rules, click New, and then click Rule.

Give a descriptive name to this rule, and then click Next.

Apply the rule to the specified destination set that you created in step 2, and then click Next.

Click Next to accept Any Request.

Click Redirect the request to this Internal Web Server, and then enter the IP address of the internal server.

Click to select the Send the original host header check box, click Next, and then click Finish.
Open the Services Microsoft Management Console, and then right-click the ISA Server Control. Click Restart, and then click Yes to restart all dependent services.

Repeat Steps 1 to 3 for any additional hosted domains. Each additional hosted domain that corresponds to a different internal Exchange Server should be registered on a different IP address on the external NIC of the ISA Server.

Note: If the “back-end” Exchange server does not hold the Web client’s mailbox, the redirection does not work. If you have a farm of Exchange 2000 servers that share the same e-mail domain namespace, it is not recommended that you use ISA as a “front-end” server.

You may find these related articles of interest to you: