We currently have 2 ESXi 5 hosts in a cluster running about 30 VMs.
We are running exchange 2010 and would like to publish our OWA, ActiveSync, OAB, Outlook Anywhere to the internet.
Our requirements are to set up TMG 2010 as a VM on this same cluster.
Is this possible?
My thinking was to use 1 physical NIC connection to each ESXi host to create a new virtual Network and bind that to one of the vNICs in the TMG2010 VM and then create a 2nd vNIC in the TMG2010 VM which is binded to the internal domain network that all VMs are using.
How can I configure this to keep exchange safe as well as not expose our ESXi hosts to attack?
I need to figure out what to tell our networking people we need for that 1 pNIC that needs to be exposed to the internet. Or if we should still keep it behind firewall and just pass through specific port traffic to help protect ESXi but still allow ports that TMG2010 will need to publish Exchange Web Services.