Tuesday, January 20, 2009

Configuration of ISA Firewall to Support Dynamic DNS Services

Dynamic DNS (DDNS) services enable users with dynamic IP addresses to register domain names users on the Internet can use to reach published resources. These DDNS services are a tremendous boon to small and home business users who would like to take the reins and run their own Internet accessible services. Examples of services you can make available over the Internet include:

Examples of services you can make available over the Internet include:

  • Exchange Outlook Web Access (OWA)
  • Exchange Outlook Mobile Access (OMA)
  • Exchange ActiveSync (EAS)
  • SMTP servers
  • POP3 servers
  • IMAP4 servers
  • Web servers
  • FTP servers
  • NNTP (news) servers
  • VPN servers
  • And lots more!

DDNS services solve the problem of being able to reach servers on your network from the Internet when your public IP address changes. For example, you might want to use the ISA firewall’s fantastic secure Exchange RPC publishing feature so that you can use the native Outlook MAPI client without incurring the overhead of upgrading to Exchange 2003 and Outlook 2003 just to get RPC over HTTP. The ISA firewall’s advanced RPC filter insures that you can connect securely over the Internet using the native Outlook client, regardless of what version of Outlook you might be using.

The secure Exchange RPC filter allows you to connect to any version of Exchange from any version of Outlook. I use it every time I’m on the road from airports and hotel broadband networks and I can assure you, once you deploy it, you’ll wonder how you ever lived without it. The secure Exchange RPC publishing feature is one of the ISA firewall’s features that confirms the ISA firewall stands head and shoulder’s above any other firewall when it comes to providing secure remote access to Exchange Server services. In fact, you do yourself and your organization a disservice if you allow remote access to Exchange without an ISA firewall in front of it.

The challenge for small and home business users is that when their IP address changes, they have no simple mechanism for determining what the new IP address is and subsequently they’re not able to connect to resources on their network.

For example, suppose you’re about to go on a trip and want to connect to the Exchange Server on your home office network. You create OWA and secure Exchange RPC publishing rules so you can reach the Exchange Server from your hotel and airport. You note down the IP address you currently have and configure Outlook to use that address and also to use it for OWA.

TZO is a DDNS service I’ve been using since the late 1990s and I consider one of the best, if not the best, DDNS provider available. We’ve had zero downtime with TZO and registering new domains with them is quite easy. For more information about their service, check out www.tzo.com

Source:http://www.isaserver.org/tutorials/2004TZO.html

No comments: