Without delving into the specific acronyms in the title, there is often much confusion when implementing SharePoint (MOSS) with a public face – ie. as an extranet or internet.
In many cases, there will be an ISA (Internet Security & Acceleration) Server which is used for a firewall, and/or VPN connectivity.
I’ll be up-front and honest and admit that I’m not so familiar with the inner workings of ISA and much of the configuration required for ISA – sounds like a bit of a black-art.
There is a dedicated team of infrastructure folk here at Dimension Data (thankfully) – who I can ask questions, or simply task the team with the config for a client.
For SharePoint, there are some configurations required to work with ISA – including the Alternative Access Mappings (AAM) allowing a user to navigate to a server – or, as Shakespeare might say – a server by another other name would small as sweet ?
Confused yet ? OK – I am a little as well.
Throw some certificates and encryption into the mix (SSL) – and a cluster or farm of SharePoint Web Front Ends, and you can get tied up in knots – ending the day with a headache.
Found a great post from the Microsoft ISA Team Blog – covering some of the architecture and exploring one particular issue relating to MOSS and ISA :
Troubleshooting Sharepoint/MOSS 2007 publishing through ISA Server can be really challenging, mainly because most of the times the argument is “…but it works just fine internally”.
There is also a great introductory article (TechNet) about some of the planning and considerations required for an ISA implementation – and the mysterious AAM scenario :
Alternate access mappings enable Office SharePoint Server 2007 to map Web requests to the correct Web applications and sites, and they enable Office SharePoint Server 2007 to serve the correct content back to the user.
Some good material – and well worth a read-through when planning/implementing an externally facing SharePoint setup.