Solved

Activesync Using Cisco ASA

Posted on 2013-01-23
8
648 Views
Last Modified: 2014-11-30
My requirement is to allow users using Android or I Phone to access the mails using Microsoft Activesync . The connectivity will be through Cisco ASA.
Let me know if this can be achieved through Cisco ASA.
Does Cisco ASA supports this. What type of connectivity is required.
Does it works on SSL VPN or it works on IPSec VPN ?
What kind of authentication is supported ?
0
Comment
Question by:SrikantRajeev
  • 4
  • 3
8 Comments
 
LVL 10

Expert Comment

by:rscottvan
Comment Utility
ActiveSync can simply be published on port 443 (SSL) and you can poke a hole in the firewall for an Exchange Frontend Server on that port.  I would say that's a reasonable solution if you have a separate Exchange server for frontend services, and it's in a DMZ.  If it's your internal Exchange server, VPN connectivity might be more prudent.

Either SSL or IPSec VPN would permit this type of connection.  Any connectivity to the internet outside the firewall would work fine.

RADIUS, Active Directory integrated, and local authentication would all be supported, as well as Cisco TACACS, or RSA SecurID.
0
 
LVL 1

Author Comment

by:SrikantRajeev
Comment Utility
I have my Exchange server inside & not in the DMZ.
In this scenario will SSL help.
Also if you have some document regarding this could you please share the same.
0
 
LVL 10

Expert Comment

by:rscottvan
Comment Utility
It simply depends on your security requirements and your configuration.

1. what version of Exchange?
2. is your exchange server IP address public or private?
0
 
LVL 1

Author Comment

by:SrikantRajeev
Comment Utility
exchange 2007
Private IP Address
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 10

Expert Comment

by:rscottvan
Comment Utility
The simplest (but least secure) option would be to either do port translation or NAT from an outside IP to port 443 on the Exchange server.

If you configured either an SSL VPN or IPSec VPN, it would be more secure, but also more difficult for end users.
0
 
LVL 1

Author Comment

by:SrikantRajeev
Comment Utility
Do you have any document from cisco regarding this.
I searched but could not find relevant document from Cisco for similar connectivity
0
 
LVL 1

Accepted Solution

by:
David_Blumberg earned 500 total points
Comment Utility
Configuration on 8.1 and newer ios in ASA

object network SERVER
host 192.168.1.5 (IP ADDRESS OF YOUR SERVER)


access-list EXC permit tcp any object SERVER eq 443


class-map EXC
match access-list EXC


policy-map global_policy
class EXC
set connection timeout half-closed 0:30:00
0
 
LVL 1

Author Closing Comment

by:SrikantRajeev
Comment Utility
Thanks
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Article by: Leon
Software Metering within our group of companies has always been an afterthought until auditing of software and licensing became a pain point. Orchestrator and SCCM metering gave us the answer and it was an exciting process.
Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
The viewer will learn how to simulate a series of sales calls dependent on a single skill level and learn how to simulate a series of sales calls dependent on two skill levels. Simulating Independent Sales Calls: Enter .75 into cell C2 – “skill leve…
The viewer will learn how to create a normally distributed random variable in Excel, use a normal distribution to simulate the return on an investment over a period of years, Create a Monte Carlo simulation using a normal random variable, and calcul…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now