RE: OWA Front-end server problems - Access Denied!

  • From: "Ricardo Watanabe" <ricardowt@xxxxxxxxxxx>
  • To: exchangelist@xxxxxxxxxxxxx
  • Date: Sun, 08 Dec 2002 14:32:39 -0200


You need to open the ports below only:
443(SSL) - HTTPS Services
80 - HTTP Service (If necessary)
25 - SMTP Services
It's necessary one rule in the Firewall:
Source: ANY
Destination: OWA Server
Services: HTTPS, HTTP, SMTP
It's necessary also, create another rule to comunication between OWA Server with the Exchange Server:
Source: OWA Server
Destination: Exchange Servers
Services: SMTP
I would like tell too, how the OWA server is in a DMZ, maybe be necessary create NAT too.


Regards,

Ricardo





From: "ONG Liang Bu (CSC)" <lbong@xxxxxxxxxx>
Reply-To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
Subject: [exchangelist] RE: OWA Front-end server problems - Access Denied!
Date: Sun, 8 Dec 2002 15:59:55 +0800

http://www.MSExchange.org/

Bjorn,

We are in the middle of deploying the same thing, Frontend at DMZ,
have you done all these, openning up all necessary ports?
This is only advisable if you have two-layer firewall, otherwise
you will be openning up too many ports in the firewall.

http://www.microsoft.com/Exchange/techinfo/deployment/2000/E2kFrontback.asp
http://support.microsoft.com/default.aspx?scid=/servicedesks/webcasts/wc0709
02/wcblurb070902.asp
http://support.microsoft.com/default.aspx?scid=kb;en-us;280132
http://support.microsoft.com/default.aspx?scid=kb;en-us;289241

Ong LB
Exchange Admin
NIE/NTU
Singapore

-----Original Message-----
From: Björn Johansson [mailto:Bjorn.Johansson@xxxxxxxxxx]
Sent: Friday, December 06, 2002 10:58 PM
To: [ExchangeList]
Subject: [exchangelist] OWA Front-end server problems - Access Denied!


http://www.MSExchange.org/

Hi,
Exchange 2000 Enterprise SP3 (running on Win2000 Server SP3)
Client Win2000 Pro SP3, IE 6.0 SP1
OWA works fine if I connect to http://server1/exchange
But now we have a second server (server2) that will be placed in DMZ and
work as a Front-end server. Currently it's located on the internal network
during configuration of OWA. When Server2 has "This is a Front-end server"
DISABLED it also works if I connect to http://server2/exchange. The
difference is that the URL is changing to server1 as soon the OWA page
appears.
The problem occurs when I enable the "This is a Front-end server"
checkbox. I get a logon screen. No matter how I type my username (ie.
domain\username, username@domain ). I only get access denied. I've checked
my password etc.
What am I missing?!?
Thanks
/Björn

--------------------------------------------------------------

This e-mail and attachments may contain confidential, proprietary
or legally privileged information. It is intended for the use of the
addressee only. If you receive this e-mail and attachments by
mistake, you must not disclose, disseminate, distribute, copy or
otherwise use it. Please notify the sender immediately and delete
the e-mail and attachments from your system.

Zenit, Nektar, Futuris and Manticore are mutual funds according
to §3 of the Swedish Mutual Funds Act (1990:1114). Avenir is a
mutual fund in accordance with article 12 of the Finnish Mutual
Funds Act (99/48). Zodiak Venture Capital is a Swedish
closed-end limited partnership. None of the Funds are UCITS
funds. This e-mail is not a solicitation or recommendation to
acquire units in the Funds. The units of the Funds have not been
registered and will not be registered in accordance with any
securities legislation in the United States, Canada, Japan,
Australia or New Zealand or elsewhere and may not be offered or
sold to or within the United States, Canada, Japan, Australia or
New Zealand or in such countries where such offer or sale would
be in conflict with applicable laws or regulations.

##########################################
This message has been scanned by F-Secure Anti-Virus
for Microsoft Exchange.
##########################################


------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this MSExchange.org Discussion List as: lbong@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as: ricardowt@xxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


_________________________________________________________________
MSN Hotmail, o maior webmail do Brasil. http://www.hotmail.com



Other related posts: