Solved

Exchange/Outlook Web Access/IIS - secure DMZ setup on Watchguard 750e?

Posted on 2006-11-27
2
796 Views
Last Modified: 2010-08-05
Hi there,

I have been instructed to give secure OWA to our users and I wondered if it is possible to just install IIS on to a Server in the DMZ and then to have OWA requests 'through' that server to be forwarded to our Exchange server on the trusted internal LAN?

i.e. 2 physical boxes - one on trusted LAN and one sitting on DMZ.

Has anyone ever done this on a Watchguard Firebox 750e?

Thanks
0
Comment
Question by:ddh76
2 Comments
 
LVL 104

Accepted Solution

by:
Sembee earned 250 total points
ID: 18020595
How do you think putting an Exchange server in the DMZ will provide secure access to OWA?
Please tell me as no one has given me an answer that is acceptable to that question yet.

Putting a domain member in the DMZ is a very bad idea. The number of changes that you have to make to the firewall turns the firewall in to swiss cheese and basically takes away all the security.

There are two ways to provide access to OWA.

1. Simply open port 443 to the internet from your Exchange server. Put an SSL certificate on to the Exchange server.
2. Put an ISA server in the DMZ, that is not a member of the domain and publish OWA through the ISA.

Simon.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now