Solved

Activesync Using Cisco ASA

Posted on 2013-01-23
8
760 Views
Last Modified: 2014-11-30
My requirement is to allow users using Android or I Phone to access the mails using Microsoft Activesync . The connectivity will be through Cisco ASA.
Let me know if this can be achieved through Cisco ASA.
Does Cisco ASA supports this. What type of connectivity is required.
Does it works on SSL VPN or it works on IPSec VPN ?
What kind of authentication is supported ?
0
Comment
Question by:SrikantRajeev
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 10

Expert Comment

by:rscottvan
ID: 38811180
ActiveSync can simply be published on port 443 (SSL) and you can poke a hole in the firewall for an Exchange Frontend Server on that port.  I would say that's a reasonable solution if you have a separate Exchange server for frontend services, and it's in a DMZ.  If it's your internal Exchange server, VPN connectivity might be more prudent.

Either SSL or IPSec VPN would permit this type of connection.  Any connectivity to the internet outside the firewall would work fine.

RADIUS, Active Directory integrated, and local authentication would all be supported, as well as Cisco TACACS, or RSA SecurID.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 38813761
I have my Exchange server inside & not in the DMZ.
In this scenario will SSL help.
Also if you have some document regarding this could you please share the same.
0
 
LVL 10

Expert Comment

by:rscottvan
ID: 38815067
It simply depends on your security requirements and your configuration.

1. what version of Exchange?
2. is your exchange server IP address public or private?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:SrikantRajeev
ID: 38815292
exchange 2007
Private IP Address
0
 
LVL 10

Expert Comment

by:rscottvan
ID: 38815377
The simplest (but least secure) option would be to either do port translation or NAT from an outside IP to port 443 on the Exchange server.

If you configured either an SSL VPN or IPSec VPN, it would be more secure, but also more difficult for end users.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 38823586
Do you have any document from cisco regarding this.
I searched but could not find relevant document from Cisco for similar connectivity
0
 
LVL 1

Accepted Solution

by:
David_Blumberg earned 500 total points
ID: 40427137
Configuration on 8.1 and newer ios in ASA

object network SERVER
host 192.168.1.5 (IP ADDRESS OF YOUR SERVER)


access-list EXC permit tcp any object SERVER eq 443


class-map EXC
match access-list EXC


policy-map global_policy
class EXC
set connection timeout half-closed 0:30:00
0
 
LVL 1

Author Closing Comment

by:SrikantRajeev
ID: 40472269
Thanks
0

Featured Post

SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As with any other System Center product, the installation for the Authoring Tool can be quite a pain sometimes. This article serves to help you avoid making these mistakes and hopefully save you a ton of time on troubleshooting :)  Step 1: Make sur…
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
The viewer will learn how to simulate a series of coin tosses with the rand() function and learn how to make these “tosses” depend on a predetermined probability. Flipping Coins in Excel: Enter =RAND() into cell A2: Recalculate the random variable…
The viewer will learn how to create two correlated normally distributed random variables in Excel, use a normal distribution to simulate the return on different levels of investment in each of the two funds over a period of ten years, and, create a …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question