Re: OWA with SSL issues
- From: "Spencer Read \(Nemesis\)" <ser@xxxxxxxxxxxxx>
- To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
- Date: Wed, 2 Feb 2005 15:33:07 -0000
>>The only thing I don't agree with is your OWA client notes were the
client has to add the IP address of the External nic to their host file
along with the mail server name,
>>the reason this is a problem is simply because what if the client
wants to access his or her mail via a Internet cafe in Ireland? (ref.
chapter 10, page 49)
I was under the impression that this was a hosts entry on the ISA Server
itself, not the client!
...Spence
________________________________
From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx]
Sent: 02 February 2005 14:53
To: [ExchangeList]
Subject: RE: [exchangelist] Re: OWA with SSL issues
Jumping to conclusions to protect your reputation will not cut it Tom.
As it turns out I was able to add your steps to the Microsoft way which
didn't change a thing except for making things load up a little slower
(I am typing this on a clients machine..off site).
The only thing I don't agree with is your OWA client notes were the
client has to add the IP address of the External nic to their host file
along with the mail server name, the reason this is a problem is simply
because what if the client wants to access his or her mail via a
Internet cafe in Ireland? (ref. chapter 10, page 49)
The purpose of OWA SSL is for security and to allow people to get their
mail anywhere. If you told your clients, oh btw you have to make sure
the machine you are on has this setting they would probably freak out
and dump your services for someone else who doesn't require such
nonsense.
This forum and the ISA one has been a great help to me. Even your
documentation has been a help though it's only a piece of the bigger
puzzle! :)
Andrew
________________________________
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Wed 2/2/2005 2:47 AM
To: [ExchangeList]
Subject: [exchangelist] Re: OWA with SSL issues
http://www.MSExchange.org/
Sheesh. Don't tell me you're using SSL to HTTP bridging? OUCH! Might as
well use Linux or PIX if you want that low level of security.
________________________________
From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx]
Sent: Tuesday, February 01, 2005 11:36 PM
To: [ExchangeList]
Subject: RE: [exchangelist] Re: OWA with SSL issues
Hey Tee,
I just tried setting it up the Microsoft way which is a lot different
than Tom Shinders way.
http://support.microsoft.com/default.aspx?scid=kb;en-us;888714
<http://support.microsoft.com/default.aspx?scid=kb;en-us;888714>
And it worked without any problems. Also I used 1 less ISA rule to set
it up and didn't have to setup a split DNS like suggested in other
Exchange 2k3 OWA SSL on ISA 2k4.
I am soo happy! :) Now just have to work out the little details.
Andrew
________________________________
From: Tee Darling [mailto:tee.darling77@xxxxxxxxx]
Sent: Wed 2/2/2005 12:04 AM
To: [ExchangeList]
Subject: [exchangelist] Re: OWA with SSL issues
http://www.MSExchange.org/
Andrew,
I can tell you that the problem is the your firewall settings. Check
your firewall configuration and make sure that you have ports 443 and
80 enabled. You keep saying forums, are you referring to Forms-Based
Authentication (FBA)? If this is what you're talking about, make sure
to enable it after you SSL certificate is installed.
Also you're right about the Microsoft link below about how to redirect
http to https site. I followed it some few weeks ago but it did not
work. Go through the articles on MSExchange.org site, you will find
one of the articles that show you step by step how to configure it
properly. The article was written by a guy named Henrik Walther. He
also has a book entitled - CYA: Securing Exchange Server 2003 &
Outlook Web Access. Chapter 5 of this book is somewhere or is one of
the articles at msexchange.org. This is the chapter that helped me
resolved a similar problem you're facing now. I'll buy the book pretty
soon.
Tee
On Tue, 1 Feb 2005 21:35:13 -0500, Andrew English
<andrew@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> http://www.MSExchange.org/
>
> 2 Questions:
>
> I have OWA with SSL enabled along with forums. I am able connect to my
> OWA via https from my local LAN however when I attempt to connect to
it
> from the outside I get as far as the OWA Forum but when I type
something
> correct or invalid I get this error:
>
> unable to resolve server.
>
> I have not been able to figure out where the problem lies.
>
> Another question I have is with redirecting non-SSL to SSL sites. I
> found this line from Microsoft for OWA however when I follow the steps
> and try to use it I get "your not authorized to view this page".
>
>
http://support.microsoft.com/default.aspx?scid=kb;en-us;555126&Product=e
> xch2003
>
> Andrew
>
> ------------------------------------------------------
> List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this MSEXchange.org Discussion List
as: Tee.Darling77@xxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Report abuse to listadmin@xxxxxxxxxxxxxx
>
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
andrew@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
andrew@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
Other related posts:
