Solved

Exchange/Outlook Web Access/IIS - secure DMZ setup on Watchguard 750e?

Posted on 2006-11-27
2
804 Views
Last Modified: 2010-08-05
Hi there,

I have been instructed to give secure OWA to our users and I wondered if it is possible to just install IIS on to a Server in the DMZ and then to have OWA requests 'through' that server to be forwarded to our Exchange server on the trusted internal LAN?

i.e. 2 physical boxes - one on trusted LAN and one sitting on DMZ.

Has anyone ever done this on a Watchguard Firebox 750e?

Thanks
0
Comment
Question by:ddh76
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 104

Accepted Solution

by:
Sembee earned 250 total points
ID: 18020595
How do you think putting an Exchange server in the DMZ will provide secure access to OWA?
Please tell me as no one has given me an answer that is acceptable to that question yet.

Putting a domain member in the DMZ is a very bad idea. The number of changes that you have to make to the firewall turns the firewall in to swiss cheese and basically takes away all the security.

There are two ways to provide access to OWA.

1. Simply open port 443 to the internet from your Exchange server. Put an SSL certificate on to the Exchange server.
2. Put an ISA server in the DMZ, that is not a member of the domain and publish OWA through the ISA.

Simon.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question