I have an almost identical config here - with the exception of NT4 for the
OWA box (don't have much win2k expertise and currently don't run any
Exchange stuff on it). Otherwise I do use a 1-way trust from the DMZ, and
the port bindings for the DS and IS on the Exchange box are 1225 and 1226
make
sure W2K is using service pack 2. What ports are open on the firewall for
access and what permissions are granted.
I
think ports 1025 and 1026 (not just 1025)higher need to be
open because of RPC. I tend to stay away from this type of set up ,it is (my
feeling) that it is less secure
-
From: Mark Kelsay [EMAIL PROTECTED]
To: MS-Exchange Admin Issues [EMAIL PROTECTED]
Sent: Thursday, October 25, 2001 3:09 PM
Subject: RE: OWA in DMZ?
This is what I do as well. Works great for me.
-Original Message-
From: Briggs, Bruce [mailto:[EMAIL PROTECTED]]
Sent
Subject: Re: OWA in DMZ?
How do I get started setting this up? I've not worked with SSL and
certificates before. Any detailed instructions or links would be
appreciated. We're using NAT behind the firewall, so how do I route the
requests to the internal box without exposing too much? Thanks
Title: RE: OWA in DMZ?
Albany.
Not
visited New Paltz campus in a while to check out the visual quality of campus
life...
-Original Message-From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]Sent: Thursday, October 25, 2001
4:35 PMTo: MS-Exchange Admin IssuesSubject: RE: OWA in
DMZ
OWA on an internal box with SSL.
You could use your existing internal OWA box, just install a certificate.
Bruce Briggs
System Administration
State University of NY
-Original Message-
From: Dianne Roberts [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 25, 2001 2:49 PM
To:
It's always those state workers!!
Which State University of NY???
Jamie
Binghamton University
-Original Message-
From: Briggs, Bruce [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 25, 2001 3:09 PM
To: MS-Exchange Admin Issues
Subject: RE: OWA in DMZ?
OWA on an internal box
I've always advocated putting the OWA box internal to your network.
OWA accesses the exchange server using MAPI, therefor requiring several
compromisable ports to be open. Depending on what else you use your DMZ
for, this may not be acceptible. Others will say OWA internally is
This is what I do as well. Works great for me.
-Original Message-
From: Briggs, Bruce [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 25, 2001 3:09 PM
To: MS-Exchange Admin Issues
Subject: RE: OWA in DMZ?
OWA on an internal box with SSL.
You could use your existing internal OWA