• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

OWA and Cisco PIX Firewall

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2007] >> Outlook Web Access >> OWA and Cisco PIX Firewall Page: [1]
Login
Message << Older Topic   Newer Topic >>
OWA and Cisco PIX Firewall - 30.Jan.2008 4:25:43 PM   
Janus1967

 

Posts: 1
Joined: 30.Jan.2008
Status: offline 		Hoping someone on the forum can assist me.  We're running OWA2007 behind Cisco PIX ASA5510 Firewalls.  I have a rule that allows incoming OWA with both http and https as the allowed protocols in a destination protocol group (as managed through the Cisco ASDM GUI).  Are there any other protocols that need to be allowed for OWA to function fully?  At the moment, it is accessible and seems to be running fine.
 
Many thanks to all who might have comments or suggestions.
 
J67
Post #: 1
RE: OWA and Cisco PIX Firewall - 30.Jan.2008 4:43:21 PM   
a.grogan

 

Posts: 1917
Joined: 12.Apr.2005
From: London
Status: offline 		Hiya chap your access lists via the PIX IOS should only require NAT'ing to internal addresses over port 80 or 443 (SSL) and then applied to an access group which corresponds to the external interface.

If you are worried about security you could consider publishing OWA via ISA server and then NAT'ing the traffic to the ISA server address (this would perhaps give you inspection capabilities) - but it sounds like you are ok at the moment.

I hope that helps

A

_____________________________

Andy Grogan
MSExchange.org Forums Moderator
For my general ramblings about Exchange please visit my website:
W: http://www.telnetport25.com/
B: http://telnetport25.wordpress.com/
M: manifoldmaster@gmail.com

(in reply to Janus1967)
Post #: 2
RE: OWA and Cisco PIX Firewall - 31.Jan.2008 2:57:41 AM   
rishishah

 

Posts: 784
Joined: 14.Nov.2006
From: Surrey, UK
Status: offline 		Out of interest why would you want to open port 80 (HTTP) to OWA?

I take it that you are publishing OWA to the Internet and hence take into account good Security practice you should really only use 443 HTTPS.


_____________________________

Rishi Shah, MCP

Remember to backup before applying the advice. www.saiconsult.co.uk. Happy to provide Professional Exchange Server Consultancy to anywhere in the world.

(in reply to Janus1967)
Post #: 3
RE: OWA and Cisco PIX Firewall - 29.Feb.2008 5:23:11 PM   
loculi

 

Posts: 38
Joined: 15.Sep.2005
Status: offline 		Some folks like to keep port 80 open so they can configure a redirect for users who forget to type, "https://" when accessing OWA.  I know it cut down my support requests hehe.

(in reply to rishishah)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2007] >> Outlook Web Access >> OWA and Cisco PIX Firewall Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter