?
Solved

RPC over https for Outlook - Single Server Implementation

Posted on 2008-10-29
7
Medium Priority
?
338 Views
Last Modified: 2009-06-22
I would like to setup my external customers (on the internet) to use Outlook using RPC over https.  I would like to do the single exhange server deployment.  I no perimeter network, no ISA server, or front end proxy server.  We have one firewall.

Is it reasonable to use our Sonicwall to filter the RPC traffic from the outside to our exchange server.  Essentially, I would have to open up ports 6001, 6002, and 6004 (443 is already open)?

client --> sonicwall --> exchange server with rpc over http (configured for https, forced 128bit encryption)
0
Comment
Question by:katfpi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
7 Comments
 
LVL 15

Accepted Solution

by:
tenaj-207 earned 1000 total points
ID: 22837081
The first time I did this I used this walk through;
http://www.petri.co.il/configure_rpc_over_https_on_a_single_server.htm

The only suggestion I would make is that you purchase a certificate from Network solutions, GoDaddy or somewhere else.  The self made certificates can cause more problems then what there worth.

If this is a SBS server then you can use a wizard to set this up very easily (even with a self made certificate).
http://technet.microsoft.com/en-us/library/bb123622(EXCHG.65).aspx
0
 
LVL 15

Assisted Solution

by:HayesJupe
HayesJupe earned 1000 total points
ID: 22838317
you only need to open 443 to the outside world - the other ports you mention are internal use only.
0
 

Author Comment

by:katfpi
ID: 22841974
Thank you for your response.  I have a 3rd party cert in place for that server already, so it will be a pretty simple process once I feel good about the firewall aspects.

I feel like more research is needed.  The perimeter network accepts incoming traffic and re-routes it specifically and securely inside.

You don't think it's too much of a risk to take out the middle man?  I would be exposing the exchange ports to the outside world.  Having the ISA server would allow us simply to expose those ports via that server only.
0
 
LVL 15

Expert Comment

by:tenaj-207
ID: 22842648
Since the middle man is forwarding all the ports anyway then the additional risk is minimal, assuming your firewall is configured properly.
0
 
LVL 15

Expert Comment

by:tenaj-207
ID: 24651993
Thanks for all your clean up work angelIII!!!
0

Featured Post

New benefit for Premium Members - Upgrade now!

Ready to get started with anonymous questions today? It's easy! Learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You need to know the location of the Office templates folder, so that when you create new templates, they are saved to that location, and thus are available for selection when creating new documents.  The steps to find the Templates folder path are …
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses
Course of the Month11 days, 3 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question