Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

RPC over https for Outlook - Single Server Implementation

Posted on 2008-10-29
7
Medium Priority
?
341 Views
Last Modified: 2009-06-22
I would like to setup my external customers (on the internet) to use Outlook using RPC over https.  I would like to do the single exhange server deployment.  I no perimeter network, no ISA server, or front end proxy server.  We have one firewall.

Is it reasonable to use our Sonicwall to filter the RPC traffic from the outside to our exchange server.  Essentially, I would have to open up ports 6001, 6002, and 6004 (443 is already open)?

client --> sonicwall --> exchange server with rpc over http (configured for https, forced 128bit encryption)
0
Comment
Question by:katfpi
  • 3
5 Comments
 
LVL 15

Accepted Solution

by:
tenaj-207 earned 1000 total points
ID: 22837081
The first time I did this I used this walk through;
http://www.petri.co.il/configure_rpc_over_https_on_a_single_server.htm

The only suggestion I would make is that you purchase a certificate from Network solutions, GoDaddy or somewhere else.  The self made certificates can cause more problems then what there worth.

If this is a SBS server then you can use a wizard to set this up very easily (even with a self made certificate).
http://technet.microsoft.com/en-us/library/bb123622(EXCHG.65).aspx
0
 
LVL 15

Assisted Solution

by:HayesJupe
HayesJupe earned 1000 total points
ID: 22838317
you only need to open 443 to the outside world - the other ports you mention are internal use only.
0
 

Author Comment

by:katfpi
ID: 22841974
Thank you for your response.  I have a 3rd party cert in place for that server already, so it will be a pretty simple process once I feel good about the firewall aspects.

I feel like more research is needed.  The perimeter network accepts incoming traffic and re-routes it specifically and securely inside.

You don't think it's too much of a risk to take out the middle man?  I would be exposing the exchange ports to the outside world.  Having the ISA server would allow us simply to expose those ports via that server only.
0
 
LVL 15

Expert Comment

by:tenaj-207
ID: 22842648
Since the middle man is forwarding all the ports anyway then the additional risk is minimal, assuming your firewall is configured properly.
0
 
LVL 15

Expert Comment

by:tenaj-207
ID: 24651993
Thanks for all your clean up work angelIII!!!
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Among the most obnoxious of Exchange errors is error 1216 – Attached Database Mismatch error of the Jet Database Engine. When faced with this error, users may have to suffer from mailbox inaccessibility and in worst situations, permanent data loss.
As a matter of fact, Outlook OST files are of much importance in relation to Exchange mailbox. OST files are independent as they are simply copy of data of a user’s mailbox on Exchange Server. Though, if the server’s status is changed or it is dama…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month10 days, 15 hours left to enroll

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question