Remote Exchange Access with no VPN

Posted on 2005-03-22
Medium Priority
Last Modified: 2006-11-17
Can someone please point me to some information regarding the setup required to have external clients access their outlook email remotely.

Currently all users can access their email through Outlook Web Access.

I have followed steps from Microsoft Exchange Server's Admin Pocket Consultant and successfully set up a remote mail client.
The client has successfully downloaded all of the mail to its local cached copy.

As soon as this client is plugged into a foreign network (to the domain) or uses a dial up internet account it cannot resolve the mailserver's name and therefore can not retrieve any new mail or send mail. (They cannot ping the mailserver's name either as they could whilst on the domain in the office - as a stand alone workstation - not part of the domain.)

Does a unique DNS entry need to be made in order for people to connect to the mailserver?
Is this a firewall situation that needs to be addressed to allow the remote clients exclusive access to a different protocol?

Please can some point me in the right direction?!!
Question by:Programmers
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2

Expert Comment

ID: 13608870
You could add an entry to the hosts file on the PC that points to the server.  if the server is located behind a firewall and they are trying to access from the internet, you need to have ports open and external dns that points to that servername.

I am not sure about the network situation you are describing, can you be more specific?  You could have routing issues as well as port and dns issues depending on the setup and access points from which the users is connecting.

Author Comment

ID: 13608907
Basically the network situation is as follows:

External DNS Servers point  DNS requests to our internal servers on the fixed IP's / Router / LAN / Win2003 Domain - PDC Windows 2000 Server / 2 other 2003 DC's / Local DNS Active Directory Integrated. Mailserver running Exchange 2003 / Webserver running II6.

Exchange server is almost an out of the box installation.

The router has been configured to allow our Webserver to serv to the outside world. As far as I know the router does not restrict any outgoing traffic but does restrict what comes in.

Is there any other information I need to gather for you?


Expert Comment

ID: 13608935
If you have external DNS servers pointing to your external IP or IP's and your router is configured to allow translastion from external to internal and the ports are open to the mail server for outlook clients to connect, the only issue left is DNS.  Since outlook profiles are configured to look for servername and not servername.whatever.com, you need to add a host entry to each machine that points to the external ip of the mail server.  I have done this with a batch file that executes when people login, the only issue is, if your firewall wont redirect the port back in because it came from inside, you may need to have the user execute a batch file that changes the host file as needed depending on where the users is.  This batch file would be executed by the user and reside on the users machine.  This is why using OWA is better.
LVL 104

Accepted Solution

Sembee earned 1000 total points
ID: 13616849
To access Outlook remotely without a VPN will basically mean exposing your entire network to the Internet. You may as well not bother with a firewall and just hope your users are using strong passwords as you will be attacked.

Furthermore Outlook needs port 135 access which most ISPs will block.

If you really cannot use a VPN then you can only use OWA, or upgrade to Exchange 2003. If you go to Exchange 2003 (on a Windows 2003 server in at least a mixed Windows 2003 domain) then you could use RPC/HTTPS. This provides secure access over port 443 which means it will get through most firewalls and will not be blocked by the ISPs.

LVL 104

Expert Comment

ID: 15579843
Just going through some of the old outstanding questions as it is quiet...

Has this problem been resolved?
If you need clarification on any part of the responses above, please post back.

Otherwise you need to close the question by awarding points, or posting in the Support Topic Area (top right corner) with a link to this question asking for the moderators to close the question for you without awarding points.


Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question