After a long struggle I finally got (test) CRM up both internally and externally. My joy was short lived, though. In my setup I put both the CRM server and ADFS server directly on a public IP. I have now learned that this is a big no-no and ines, SBS 2008
(which hosts my ADFS) should only be on an private IP address. So I guess I will have to put my host, virtual CRM server and virtual SBS server (with ADFS) behind a router and either configure them with DHCP or set a PRIVATE static IP. Is this how Microsoft
was also envisioning it for CRM or do they expect one or both of these servers (CRM & SBS/ADFS) being on public IPs?
For now I assume they should not be on public IPs. Now according to the guide for claims based authentication I need to have [orgname].[domain].com point to my CRM server and auth.[domain].com point to my SBS/ADFS server. How is that done? Do I have to configure
the router so that traffic to these IPs are routed to static private IP addresses associated with those two servers? Or can these servers be on dynamic IPs and the DNS settings (as explained in the aforementioned guide) on the SBS server sort everything out?
