Hi Adam, glad you find the papers useful, thanks for the feedback.
You are quite right that neither TMG nor UAG can load balance RPC traffic, and so for that you do need to look at a hardware or software load balancer.
Once you throw one of those into the mix, and you have TMG or UAG, then you are right again that you have some additional things to consider. I posted a while back on the issue, and on which scenarios, such as cert auth, require you to use a web farm rather than trying to publish a load balancer.
The article is here: http://msexchangeteam.com/archive/2010/07/20/455575.aspx - but in general terms, use a web farm on TMG/UAG for internet-based access, and the load balancer for internal access.