We still want Active Sync and it uses 443 just like OWA. Jim's "thinking out loud" mentioned a lot of the things I've found, but the solution below seems easy to apply, easy to reverse if it doesn't work, no service/server reboots, no DNS changes, no NIC changes, no firewall changes, and no certificates.
From: [email protected] [mailto:[email protected]] On Behalf Of Daniel Chenault Sent: Wednesday, September 09, 2015 12:56 PM To: [email protected] Subject: RE: [Exchange] Restrict external OWA access Perhaps I'm missing something... if you dont' want OWA available externally don't let the firewall route to it. Or are you trying to restrict specific users? ________________________________ From: [email protected]<mailto:[email protected]> To: [email protected]<mailto:[email protected]> Subject: [Exchange] Restrict external OWA access Date: Wed, 9 Sep 2015 14:17:59 +0000 I've looking for a way to restrict OWA access externally. One method which intrigues me is this: http://www.leederbyshire.com/Articles/Block-Or-Allow-OWA-Depending-On-Location-2007.asp Although written for Exchange 2007 (this environment is Exchange 2010), the files exist and it seems that it would work. Other solutions involve setting up a second IP address and setting up another virtual directory. This seems to be the less complicated of any other method I've found. Would anyone care to chime in with an opinion? -Paul
