OWA through PIX

OWA through PIX (Full Version)

All Forums >> [Microsoft Exchange 2003] >> Server Security

Message

yousuf17 -> OWA through PIX (30.Aug.2006 6:18:01 AM)
Hi All, i need help on reconfiguring my network.i have Exchange 2003 installed on DC(due to lack of server machines) , ISA 2000 on other machine and also PIX firewall( DC and Exchange are not in DMZ). i want to allow OWA to external users, i had ask about it and one replies that i can get owa directly from PIX. that is if i gave a global ip to my users, then i subnet that ip on pix that if any request came from xx.xx.xx.xx then send it directly to my Exchange Server (On DC) for outlook web access. please guide me and help if this solution is vulnerable and prone to attack. Regards

xpuser8334 -> RE: OWA through PIX (30.Aug.2006 11:03:57 PM)
Hi, I had a similar configuration, but the server was a dedicated standalone MSE 2003 server. To configure the PIX for MS Exchange, Cisco actually have examples which most people follow. Although i read the articles, I had to cut down the amount of traffic, by reducing some of the ports found in the Cisco articles. If ou are using PIX 515/525 with version 6.1-6.3 the following is an excerpt from the cisco white papers. (Please note usual disclaimer rules apply - if it breaks something - don't come crying to me - i'm only trying to help) although it is for a front-end / back-end scenario, you apply the rules and ip's for the front end to your stand alone. please note - this is NOT the most secure way of doing things, and it can potentially leave your ass out of your trousers, waiting for Mr. MS Security Vulnerability Hacker to probe his way in. Try tie-ing access down to specific IPs, who require access to your mail server - i.e. clients and ISP passing SMTP mail to you. - try to watch your ass - as they say!!! Hope this helps. W. http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a008017278f.html#wp1003526

Page: [1]