Announcement

Collapse
No announcement yet.

Accessing OWA from the Internet.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Accessing OWA from the Internet.

    Just a quick question, we are setting up a single server Ex20003 box and would like people to access the web facilty over the internet. I've been reading lots of articles about RPC/SSL/FE-BE etc. is it possible or advisable to simply put a port forwarder on the firewall from [email protected] to the Exchange server. and use the https://ipnumber to access OWA.

    Thanks
    ________
    Kawasaki ZR750F
    Last edited by Richie; 19th January 2011, 19:44.

  • #2
    Its certainly possible, but not the recommended way. You don't want anything external going direct to your exchange server if you can help it. (SMTP is usually the only one).

    It's advisable to installed a front-end\back-end solution, then put your front end if your DMZ.

    topper.
    * Shamelessly mentioning "Don't forget to add reputation!"

    Comment


    • #3
      Extremely curious as to why you would want to forward to an IP?
      1 1 was a racehorse.
      2 2 was 1 2.
      1 1 1 1 race 1 day,
      2 2 1 1 2

      Comment


      • #4
        Topper

        Thanks, in an ideal world where money and resources were no object, i'd do that, I suppose what i'm trying to find out is what exactly how vunerable the Ex box would be if setup like i suggested.

        Thanks
        ________
        silversurfer vaporizer
        Last edited by Richie; 19th January 2011, 19:44.

        Comment


        • #5
          I suppose if you put a certificate on (v highly recommended), and keep the server fully patched with only tcp443 access to it then there is not much else you can do.

          Unless you can lock down external source access' to specific IP address'.

          topper
          * Shamelessly mentioning "Don't forget to add reputation!"

          Comment


          • #6
            Biggles,
            Ip number on the internet side of the firewall is public, ip numbers behind the firewall are private (fiewall does NAT) any traffic addressed to https://ipnumber (as its https it would use port 443 not 80) would be forwarded to the exchange box where the OWA would open up.

            Topper
            Have done my own SSL certificate, All servers are automatically patched but i cant restrict ip access at the firewall as people will be accessing from all over.
            ________
            silversurfer reviews
            Last edited by Richie; 19th January 2011, 19:44.

            Comment


            • #7
              Not sure if I understand you correctly, but setting your firewall to forward 443 traffic to an internal IP does away with the need to use the IP. User will find it easier to remember a name than a number. There are also instructions for modifying the FBA so www.mailserver.com/exchange will automatically convert to https://www.mailserver.com/exchange . You can also modify the logon screen to insert the Domain name. Less training for the users because we just know leaving out the domain will cause "The email is not working" complaint.
              1 1 was a racehorse.
              2 2 was 1 2.
              1 1 1 1 race 1 day,
              2 2 1 1 2

              Comment

              Working...
              X