Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Activesync Using Cisco ASA

Posted on 2013-01-23
8
Medium Priority
?
856 Views
Last Modified: 2014-11-30
My requirement is to allow users using Android or I Phone to access the mails using Microsoft Activesync . The connectivity will be through Cisco ASA.
Let me know if this can be achieved through Cisco ASA.
Does Cisco ASA supports this. What type of connectivity is required.
Does it works on SSL VPN or it works on IPSec VPN ?
What kind of authentication is supported ?
0
Comment
Question by:SrikantRajeev
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 10

Expert Comment

by:rscottvan
ID: 38811180
ActiveSync can simply be published on port 443 (SSL) and you can poke a hole in the firewall for an Exchange Frontend Server on that port.  I would say that's a reasonable solution if you have a separate Exchange server for frontend services, and it's in a DMZ.  If it's your internal Exchange server, VPN connectivity might be more prudent.

Either SSL or IPSec VPN would permit this type of connection.  Any connectivity to the internet outside the firewall would work fine.

RADIUS, Active Directory integrated, and local authentication would all be supported, as well as Cisco TACACS, or RSA SecurID.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 38813761
I have my Exchange server inside & not in the DMZ.
In this scenario will SSL help.
Also if you have some document regarding this could you please share the same.
0
 
LVL 10

Expert Comment

by:rscottvan
ID: 38815067
It simply depends on your security requirements and your configuration.

1. what version of Exchange?
2. is your exchange server IP address public or private?
0
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

 
LVL 1

Author Comment

by:SrikantRajeev
ID: 38815292
exchange 2007
Private IP Address
0
 
LVL 10

Expert Comment

by:rscottvan
ID: 38815377
The simplest (but least secure) option would be to either do port translation or NAT from an outside IP to port 443 on the Exchange server.

If you configured either an SSL VPN or IPSec VPN, it would be more secure, but also more difficult for end users.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 38823586
Do you have any document from cisco regarding this.
I searched but could not find relevant document from Cisco for similar connectivity
0
 
LVL 1

Accepted Solution

by:
David_Blumberg earned 2000 total points
ID: 40427137
Configuration on 8.1 and newer ios in ASA

object network SERVER
host 192.168.1.5 (IP ADDRESS OF YOUR SERVER)


access-list EXC permit tcp any object SERVER eq 443


class-map EXC
match access-list EXC


policy-map global_policy
class EXC
set connection timeout half-closed 0:30:00
0
 
LVL 1

Author Closing Comment

by:SrikantRajeev
ID: 40472269
Thanks
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
Viewers will learn how to maximize accessibility options in an Excel workbook for users with accessibility issues.
The viewer will learn how to use a discrete random variable to simulate the return on an investment over a period of years, create a Monte Carlo simulation using the discrete random variable, and create a graph to represent the possible returns over…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question