One of my customers is having us set up an Exchange 2013 cluster with Windows Server 2012, but they want us to use a DMZ Network on their firewall.

Because the server roles have changed, and Exchange will need Active Directory services, we're wondering if the best case scenario to meet their security expectations is to create a Virtual machine with Exchange 2010 transport roles in the DMZ.

Will this setup/configuration work or is this not recommended?

Will any ports have to be opened for the 2010 transport server to communicate with active directory?

Depending on how the DMZ is set up, you will need ports 25 (for mail in and out), 50389 and 50636 (these two ports are for secure Active Directory) and, if you want to manage with RDP, 3389. You will be fine with putting this in a VM server.

Thanks dude.... now is the Transport Server what we need to make this work with the DMZ? I'm installing Hyper V/Server 2k8 with Exchange 2k10 as we speak.....

What we want is to place the edge transport server in the DMZ with the least amount of open ports to meet the company's network security policies.

Can this server be a standalone server that is not a member of the domain, with its only purpose being to be a transport server?

Would you be wanting an edge transport server role then? You're wanting to simply have something in the DMZ to accept traffic on port 25 and perform simple spam/security checks which isn't AD reliant?

I think you may be confusing Edge transport (not AD reliant and made for DMZ) with hub transport (AD reliant, needs to be 'inside')?

Exchange 2010 Edge Transport

Edge Transport is an optional role that can be installed to prevent spam and viruses. This role is meant to replace spam filtering devices such as Barracuda Spam Firewall and Symantec Mail Security. This role is installed on a stand-alone server (workgroup) and uses ADAM to sync LDAP data from Active Directory. This allows recipient filtering on the Edge Transport server.

Sorry for my earlier posts, just seen this of yours where you clearly state you want to put the Edge transport role in the DMZ.

You'll need to configure ADAM (Active Directory Application Mode) so that the edge transport server (workgroup not domain member) can 'talk' to AD and filter recipients correctly.
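
Added example, not part of any post in this thread: the port list given earlier (25, 50389, 50636, optional 3389) written as an allow-list and used to audit a DMZ rule set for over-broad rules and missing flows. The zone names, rule format, flow directions and sample rules are assumptions made for illustration.

```python
from typing import NamedTuple

class Rule(NamedTuple):
    src: str       # source zone (assumed names: "internet", "dmz", "internal")
    dst: str       # destination zone
    port: object   # TCP port number, or "any"
    action: str    # "allow" or "deny"

# Ports come from the thread; the direction of each flow is an assumption.
ALLOWED = {
    ("internet", "dmz", 25),     # inbound mail to the Edge server
    ("dmz", "internet", 25),     # outbound mail from the Edge server
    ("dmz", "internal", 25),     # Edge handing accepted mail inward
    ("internal", "dmz", 25),     # internal mail relayed out through Edge
    ("internal", "dmz", 50389),  # directory port named in the thread
    ("internal", "dmz", 50636),  # secure directory port named in the thread
    ("internal", "dmz", 3389),   # optional RDP management
}

# Constructed sample rule set, not taken from any real firewall.
SAMPLE_RULES = [
    Rule("internet", "dmz", 25, "allow"),
    Rule("dmz", "internet", 25, "allow"),
    Rule("dmz", "internal", 25, "allow"),
    Rule("internal", "dmz", 25, "allow"),
    Rule("internal", "dmz", 50636, "allow"),
    Rule("internal", "dmz", 3389, "allow"),
    Rule("internet", "dmz", 3389, "allow"),   # RDP reachable from the internet
    Rule("dmz", "internal", "any", "allow"),  # DMZ host can reach anything inside
    Rule("dmz", "internal", 389, "deny"),
]

def audit(rules):
    """Return (allow rules outside ALLOWED, ALLOWED flows that no rule permits)."""
    violations, covered = [], set()
    for r in rules:
        if r.action != "allow":
            continue
        flow = (r.src, r.dst, r.port)
        if flow in ALLOWED:
            covered.add(flow)
        else:
            violations.append(r)  # includes "any"-port rules: too broad to accept
    return violations, sorted(ALLOWED - covered)

if __name__ == "__main__":
    bad, missing = audit(SAMPLE_RULES)
    print("over-broad allow rules:", bad)
    print("expected flows with no rule:", missing)
```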
