Exchange Server Forums
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
OWA through PIX
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
 Limited time MSExchange.org offer! -- 1.Sep.2008 1:00:00 PM
|
|
TechGenix and SolarWinds have partnered to provide free copies of SolarWinds Exchange Monitor to all visitors who join the MSExchange.org Forums. SolarWinds Exchange Monitor is a handy desktop dashboard that continuously monitors Microsoft Exchange to deliver real-time insight into Exchange services, mail queue sizes, and host server health. Learn more about Exchange Monitor and the free offer!
|
OWA through PIX - 30.Aug.2006 6:18:01 AM
|
|
|
yousuf17
Posts: 1
Joined: 25.Apr.2005
From: pkaistan
Status: offline
|
Hi All, i need help on reconfiguring my network.i have Exchange 2003 installed on DC(due to lack of server machines) , ISA 2000 on other machine and also PIX firewall( DC and Exchange are not in DMZ). i want to allow OWA to external users, i had ask about it and one replies that i can get owa directly from PIX. that is if i gave a global ip to my users, then i subnet that ip on pix that if any request came from xx.xx.xx.xx then send it directly to my Exchange Server (On DC) for outlook web access.
please guide me and help if this solution is vulnerable and prone to attack.
Regards
|
|
|
|
RE: OWA through PIX - 30.Aug.2006 11:03:57 PM
|
|
|
xpuser8334
Posts: 4
Joined: 30.Aug.2006
Status: offline
|
Hi,
I had a similar configuration, but the server was a dedicated standalone MSE 2003 server.
To configure the PIX for MS Exchange, Cisco actually have examples which most people follow.
Although i read the articles, I had to cut down the amount of traffic, by reducing some of the ports
found in the Cisco articles.
If ou are using PIX 515/525 with version 6.1-6.3
the following is an excerpt from the cisco white papers.
(Please note usual disclaimer rules apply - if it breaks something - don't come crying to me - i'm only trying to help)
although it is for a front-end / back-end scenario, you apply the rules and ip's for the front end to your stand alone.
please note - this is NOT the most secure way of doing things, and it can potentially leave your ass out of your trousers, waiting for Mr. MS Security Vulnerability Hacker to probe his way in.
Try tie-ing access down to specific IPs, who require access to your mail server - i.e. clients and ISP passing SMTP mail to you. - try to watch your ass - as they say!!!
Hope this helps.
W.
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a008017278f.html#wp1003526
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
