Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 232
  • Last Modified:

Remote Exchange Access with no VPN

Can someone please point me to some information regarding the setup required to have external clients access their outlook email remotely.

Currently all users can access their email through Outlook Web Access.

I have followed steps from Microsoft Exchange Server's Admin Pocket Consultant and successfully set up a remote mail client.
The client has successfully downloaded all of the mail to its local cached copy.

As soon as this client is plugged into a foreign network (to the domain) or uses a dial up internet account it cannot resolve the mailserver's name and therefore can not retrieve any new mail or send mail. (They cannot ping the mailserver's name either as they could whilst on the domain in the office - as a stand alone workstation - not part of the domain.)

Does a unique DNS entry need to be made in order for people to connect to the mailserver?
Is this a firewall situation that needs to be addressed to allow the remote clients exclusive access to a different protocol?

Please can some point me in the right direction?!!
0
Programmers
Asked:
Programmers
  • 2
  • 2
1 Solution
 
BrentDevOpsCommented:
You could add an entry to the hosts file on the PC that points to the server.  if the server is located behind a firewall and they are trying to access from the internet, you need to have ports open and external dns that points to that servername.

I am not sure about the network situation you are describing, can you be more specific?  You could have routing issues as well as port and dns issues depending on the setup and access points from which the users is connecting.
0
 
ProgrammersAuthor Commented:
Ok
Basically the network situation is as follows:

External DNS Servers point  DNS requests to our internal servers on the fixed IP's / Router / LAN / Win2003 Domain - PDC Windows 2000 Server / 2 other 2003 DC's / Local DNS Active Directory Integrated. Mailserver running Exchange 2003 / Webserver running II6.

Exchange server is almost an out of the box installation.

The router has been configured to allow our Webserver to serv to the outside world. As far as I know the router does not restrict any outgoing traffic but does restrict what comes in.

Is there any other information I need to gather for you?

0
 
BrentDevOpsCommented:
If you have external DNS servers pointing to your external IP or IP's and your router is configured to allow translastion from external to internal and the ports are open to the mail server for outlook clients to connect, the only issue left is DNS.  Since outlook profiles are configured to look for servername and not servername.whatever.com, you need to add a host entry to each machine that points to the external ip of the mail server.  I have done this with a batch file that executes when people login, the only issue is, if your firewall wont redirect the port back in because it came from inside, you may need to have the user execute a batch file that changes the host file as needed depending on where the users is.  This batch file would be executed by the user and reside on the users machine.  This is why using OWA is better.
0
 
SembeeCommented:
To access Outlook remotely without a VPN will basically mean exposing your entire network to the Internet. You may as well not bother with a firewall and just hope your users are using strong passwords as you will be attacked.

Furthermore Outlook needs port 135 access which most ISPs will block.

If you really cannot use a VPN then you can only use OWA, or upgrade to Exchange 2003. If you go to Exchange 2003 (on a Windows 2003 server in at least a mixed Windows 2003 domain) then you could use RPC/HTTPS. This provides secure access over port 443 which means it will get through most firewalls and will not be blocked by the ISPs.

Simon.
0
 
SembeeCommented:
Just going through some of the old outstanding questions as it is quiet...

Has this problem been resolved?
If you need clarification on any part of the responses above, please post back.

Otherwise you need to close the question by awarding points, or posting in the Support Topic Area (top right corner) with a link to this question asking for the moderators to close the question for you without awarding points.

Simon.
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now