Solved

Accsseing E-mails

Posted on 2006-11-16
12
472 Views
Last Modified: 2010-08-05
Hi,

We are working on a single location with a single AD Domain called aaa.com.But only for the people while they are away for travelling we are using RSA SecurID for connecting to our network. Now some of the users that use their laptops to connect to our network using RSA SecurID finding it difficult for accssing their e-mails or folders after RSA SecurID passed the authentication. I do not know is there anything still we have to set up for users to send/receive e-mails and connect to the servers.

We are running a netscreen box as a firewall and the router to come in to our network.

We got the following servers.
One Domain Controller, which is actins as DHCP and DNS
One Exchange Server 2003
2 File Servers etc.

Could you please find a solution for this problem.

Thanks in advance

Sujith
0
Comment
Question by:sujith_siva
  • 4
  • 3
  • 2
  • +1
12 Comments
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 17956534
what kind of problems are they having? any errors or anything?
wht do you mean they are only using the aaa.com domain when they are away traveling?  why aren't they using your 'regular' domain when they are away?
are the laptops in question on the domain?
are the users logging into the domain on their laptops?
how are they tring to access email? what program? Outlook? outlook web access?
if using outlook, what protocol are they using to access email? pop3, mapi etc?
0
 

Author Comment

by:sujith_siva
ID: 17956896
There is no error message comes up only message is "Authorisation Failed" try later, but sometimes it will connect
and people can send/recieve e-mails sometimes don't.

The domain I am mentioning is the regular domain we are running in a single domain environment.
It does not connect to the mail server for send/recieve mails.
All the laptops are connected to the Domain getting an ip address from a DHCP server which is inside a firewall in the private LAN.Users are trying to log on to the domain by using RSA SecurID.And by looking at the RSA SecurID we can see that at what time they are trying and if the authentication is successful or failure.We are pretty sure that RSA SecurID authentication has any kind of problems.When the RSA SecurID authenticate users can connect to our exchange server and all the files and folders.

RSASecurID ask for the Token Number + paascode and the User name.
Once that part done it will allow you to your files and folders and e-mails(Outlook 2003 os the mail client).

As I said the netscreen box ix the firewall/router for connecting to our internal network.

thanks in advance

0
 
LVL 7

Expert Comment

by:dlangr
ID: 17961477
it is probably your netscreen not letting some ports trough, as some are dynamic, request may sometimes work an sometimes not, like you described. Easiest thing is to use the https service of exchange. see http://www.msexchange.org/tutorials/outlookrpchttp.html
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 7

Expert Comment

by:dlangr
ID: 17961482
Easiest as you would only have to open up the https port. I would recommend the use of a VPN in combination with the https. Not sure if you have an VPN now.
0
 

Author Comment

by:sujith_siva
ID: 17963657
We don't have any VPN yet.How can I setup any VPN connection to allow the computers to speak with our local network .

Also our company have not running any Certificate services for authentication and I believe we need to run any Certificate services for running HTTPS.


 Any idea to open the port for easy comminication by using netscreen box.

all responses will be appreciated.

thanks
suj
0
 
LVL 9

Expert Comment

by:tim1731
ID: 17964502
options,

1.get a spare pc install sslexplorer on it and open a port on the firewall (443) and configure the users for it(free)
2.Install a cert on exchange and use ssl to access the exchange server(£30-200)
3.Buy a sonicwall ssl vpn device or netscreen ssl device and use it with the rsa device (£200-1800 depends on model)
4.Buy the remote client for the netscreen and setup vpn access (£87 for 10 concurrent users)
0
 

Author Comment

by:sujith_siva
ID: 17967880
We are already  installed the netscreen ns25 box as firewall/NAT/VPN and have 10 licenses.
But for installing a certificate in Exchange Server I have few queries?
If in any case if we want to change the name of the exchange server does this certificate allows to change the whole settings?
Does this certificate affect our DC if we want to rename it or change the location of the DC?

Is there anyway we can install VPN Policies on our netscreen box and how???

all inputs will be appreciated
thanks in advance

suj
0
 
LVL 9

Accepted Solution

by:
tim1731 earned 125 total points
ID: 17968333
Netscreen = http://kb.juniper.net/CUSTOMERSERVICE/index?page=kbdetail&record_id=0244022611e8310108012c3c1901995

Cert for mail server is installed on the mail server and if you change the mail server you will need a new cert

http://www.startcom.org/ this will get you a free ssl cert
0
 
LVL 7

Assisted Solution

by:dlangr
dlangr earned 125 total points
ID: 17972866
- the certificate only needs to change if the fqdn you are running the website on changes. Not if you have a new machine, you would then just reinstall the certificate. also not if the machine changes it name. just when the url the clients access changes.
- no, it wont affect your ability to rename or change the location of the DC
0
 
LVL 7

Expert Comment

by:dlangr
ID: 18327461
Do you have further questions? Did our answers help? Please let us know, so others can learn from this.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Losing network connectivity 8 97
extend vlan through a layer 3 connection 31 144
DHCP for a guest wireless network 1 75
Cisco 3560 switches not seeing VTP V3 12 47
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question