Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Accessing Exchange w/ Outlook from home

Status
Not open for further replies.
bubarooni

bubarooni

Technical User
Joined
May 13, 2001
Messages
506
Location
US
I have users who want to be able to access their Outlook accounts from home. I have OWA running but it's not good enough.

How do I do this? Do I need to open certain ports on my firewall?

The Exchange server sits behind a Cisco 1750 router with a PIX 506 in front of the router.

Thanks for any input
 
Sort by date Sort by votes
Good luck running outlook over the internet. You'll need to have a pretty big PIPE. OWA is the best thing you can do without the luxory of a T3 line at HQ and DSL to all remote users. You can write your own version of OWA in ASP, but that will take a lot of time. :-(

-Bad Dos
 
Upvote 0 Downvote
Tell me you are an 'Expert' and I can then tell them it can't be done! It would save oodles of my time and effort...
 
Upvote 0 Downvote
It can be done and it's really not that bad. Any kind of broadband connection should suffice. You really don't want to open ports on your firewall because unless they have static IPs you'll be opening yourself up to attack from the Internet. You probably want to do this via a VPN. We use a Cisco VPN Concentrator 3005 and the software client on the workstation and it works fine.

If you want to know what ports to open just 'term mon' on your PIX and watch the packets get denied as you have someone test the connection and then just open the tcp/udp ports it reports the client trying to use. should have all the ports if you want to look it up there.
Tom Bilan
TJBA, Inc.
CCNP, CCDP, MCSE & CNE
 
Upvote 0 Downvote
You could also accomplish this through the use of a dynamic access lists. Try this link to read about it:
In doing this, you'll have to set up some type of authentication on the router. Basically, when a user wants to access the exchange server, they will initiate a telnet session to the router, and authenticate themselves. The router then creates a dynamic opening for that user (their ip address) to get to whatever internal resources you have designated, and closes the telnet session. The timeouts on the dynamic openings are configurable, so as not to leave the holes in the firewall for extended periods of time. If you do this, it ties up the ports for telnet and basically assigns them to be used for the authentication purpose. The way you can deal with this is to add a rotary 1 command to the last couple of vty ports so that you can telnet to them on port 3001 for management. Anyway, just a possibility...I use this for some of my users and it works very well.


Matt
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

CPM86
  • Locked
  • Question Question
Cisco isr 4331 with IOS and sip busy fail over to 2nd sip number on pbx?
Replies
0
Views
540
CPM86
CPM86
DTGMI
  • Locked
  • Question Question
Moving from Juniper SRX-240 to Cisco ??
Replies
0
Views
343
DTGMI
DTGMI
jarod_paris
  • Locked
  • Question Question
firmware for an AP2800 WiFi terminal
Replies
0
Views
602
jarod_paris
jarod_paris
WinstonCH
  • Locked
  • Helpful tip Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat
Replies
1
Views
882
BIS
BIS
PThomp3344
  • Locked
  • Question Question
Trying to connect to Cisco Unified Controller web interface: UC520W-16U-4FXO-K9
Replies
1
Views
665
nt8d09
nt8d09

Part and Inventory Search

Sponsor

Back
Top