Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense and Exchange / Dynamics CRM / ADFS

    Cache/Proxy
    1
    1
    580
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      Topski
      last edited by

      Hi All,

      Just recently started out with pfSense as a replacement for the dying TMG platform and from what I can tell right now it looks quite promising.

      Now I am at the point of getting my Owa/Mapi/RCP over HTTP/and so on out through pfSense. And the 1st question is, do I really need Squid? Or can I use just reverse NAT? I heard the Squid has a plugin for Owa kinda things, but that gives me some goose skin. Does this plugin also has a Forms Based Auth like TMG, or is it jts doing reverse proxing with no mangling involved? Hoping for the latter of course. Same goes for CRM.

      My backend services are currently configured with TLS and I want to keep it that way. Wil lthat works as well with having pfSense (or Squid plugged in) doing the brigde (terminating on pfSense and initiating from there TLS to my back ends)?

      Last, can I use SNI to run Exchange/CRM and ADFS on the same public IP? I wanted to use HAProxy for that, but preferably not as a plugin, but on separate VMs. Has anyone tried this?

      Thanks!

      BR,
      Ronald

      PS: The only functionality I am missing, TMG can match outgoing firewall rules with AD accounts, so some user can use for instance tcp/3389 and some cannot, based on AD membership. Haven't seen this in open source products till now. Am I missing something maybe? Of course, matching FW rules against AD imposes performance issues, that is why TMG is client based.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.