Scenario 3: Single Portal Site on a Single Virtual Server (Using ISA Server 2004)

This section of the paper describes how to configure a SharePoint Portal Server deployment with a single portal site on a single virtual server, exposed to both the corporate intranet and to the extranet using Basic authentication and SSL only.

In this scenario, the portal site is hosted on the Default Web Site in IIS (that is, on the virtual server for the Default Web Site).

Before performing the steps that follow, ensure that the following are true:

  • SharePoint Portal Server is installed.
  • There is one portal site hosted on the Default Web Site in IIS.
  • You can access the portal site from your corporate intranet.

To enable the scenario described in this section, you must do the following steps, each of which is explained in detail later in this section:

  1. Configure Basic authentication on the Default Web Site in IIS.
  2. Install an SSL server certificate on the Default Web Site in IIS.
  3. Verify that you can access the portal site by using an internal SSL FQDN URL.
  4. Configure IIS to require SSL for the Default Web Site.
  5. Modify the default URL for the portal site.
  6. Verify that the proxy server settings for SharePoint Portal Server search are correctly specified.
  7. Configure the SharePoint Portal Server search service to use Basic authentication when crawling content sources.
  8. Create a public DNS entry.
  9. Configure the network adapters in the external ISA Server 2004 computer.
  10. Ensure that the appropriate SSL server certificates are installed on the external ISA Server 2004 computer.
  11. Configure the external ISA Server 2004 computer to allow outbound connections to the Internet.
  12. Edit the web.config file.
  13. Configure the external ISA Server 2004 computer to listen for incoming requests on the appropriate IP address.
  14. Create a secure Web server publishing rule on the external ISA Server 2004 computer.
  15. Verify that the secure Web server publishing rule properties are correct.
  16. Configure an alternate access setting that uses the public (external) FQDN URL that users will use to access the portal site.
  17. Verify that you can access the portal site through the Internet.

The following sections include procedures for the major steps above.

The examples in the following table are used in the procedures for this scenario.

Element Example used in this scenario
Extranet domain name Perimeter.Net
Intranet domain name Corp.Net
Front-end Web server internal FQDN ServerName.Perimeter.Net, where ServerName is the NetBIOS computer name of the front-end Web server
Front-end Web server internal FQDN URL (HTTP) http://ServerName.Perimeter.Net, where ServerName is the NetBIOS computer name of the front-end Web server
Front-end Web server internal FQDN URL (SSL) https://ServerName.Perimeter.Net, where ServerName is the NetBIOS computer name of the front-end Web server
Load-balancing internal FQDN Portal.Perimeter.Net (resolves to the load-balancing virtual IP address)
Load-balancing internal FQDN URL (HTTP) http://Portal.Perimeter.Net
Load-balancing internal FQDN URL (SSL) https://Portal.Perimeter.Net
External FQDN ExtranetPortal.Perimeter.Net (resolves to an IP address on the external network adapter on the external ISA Server 2004 computer)
External FQDN URL https://ExtranetPortal.Perimeter.Net
Default Web Site in IIS Hosts existing portal site, TCP port 80, SSL port 443
 
 
Applies to:
Deployment Center 2003, SPS Admin 2003