[THIN] Re: OT: Access Exchange from outside firewall

  • From: "Chris Lynch" <lynch00@xxxxxxx>
  • To: <thin@xxxxxxxxxxxxx>
  • Date: Wed, 12 Mar 2003 14:08:49 -0800

Correct.  There was just a VERY long discussion in the MS Security
Focus mailing list because someone wanted to open ports to allow an
Outlook client to directly attach to an Exchange server from the
Internet.

Some said to use ISA server, while others (like me) said to use a VPN
device.  You NEVER want to open RPC to the Internet.  You are just
begging hackers to break into your system and get critical
information.

Again, my question goes back to "why are you wanting to open ports
for your Exchange server to the Internet?"  Is it because someone
wants to get to their mailbox?  If so, then either publish Outlook,
or have them connect to OWA (secured with an SSL certificate).

Chris

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Ryan Lambert
Sent: Wednesday, March 12, 2003 2:01 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: Access Exchange from outside firewall



What are your objectives?

I would suggest maybe just POP the box, unless you want the Exchange
Address Book/Public Folders/etc. Or better yet, implement a published
application via Citrix and create a connection that way. ;-)

Personally, I am not in favor of opening any more ports than
absolutely necessary.

-----Original Message-----
From: Chris Lynch [mailto:lynch00@xxxxxxx]
Sent: Wednesday, March 12, 2003 4:48 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: Access Exchange from outside firewall


Why are you doing this?  You need to open more ports than what you
have selected.  Mainly, the GC port, port 135, possibly 139.  Why not
use a VPN connection?  If you have Windows 2000, use RRAS.  If not,
then look for a project called Wolverine.  It's a small distro that
will give you PPTP VPN support.  Very easy to set up, and is Linux
based.

Chris

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Vince Tan
Sent: Wednesday, March 12, 2003 1:39 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] OT: Access Exchange from outside firewall



Hi Everyone,  I've been working on this for the better half of the day
and can't seem to get anywhere.  I'm trying to set up an Outlook client
to connect to my Exchange 2K server.  The Outlook client is outside the
firewall connected via the internet.  I already set up the
HKLM\System\CurrentControlSet\Service\MSExchangeDS\Parameters,
HKLM\System\CurrentControlSet\Services\MSExchangeIS\ParametersSystem to
point to static port.  I also configured the firewall already for
those 2 ports.

When I start the Outlook client, I get "Exchanger server unavailable".
Oh, I also set up the hosts file to point to the right IP address for
the Exchange server.

Thanks for any help

Vince
*********************************************************
This Week's Sponsor - RTO Software / TScale
TScale increases terminal server capacity.
Get 30-40% more users per server to save $$$ and time.
Add users now! - not more servers. If you're using Citrix,
you must learn about TScale!  Free 30-day eval:
http://www.rtosoft.com/Enter.asp?ID=79
**********************************************************

For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
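
The advice in this thread, as an added example that is not part of the original messages: an audit over a firewall rule list that flags Internet-facing allow rules exposing the ports the thread names (135, 139, the GC port and the two static Exchange ports), while leaving OWA over SSL and PPTP alone. The rule format, the sample rules, port 3268 as "the GC port" and the static port values 5000/5001 are assumptions.

```python
import ipaddress

# 135 and 139 are named in the thread. 3268 (Global Catalog LDAP) is an
# assumption about what "the GC port" refers to.
RISKY = {
    135: "RPC endpoint mapper",
    139: "NetBIOS session service",
    3268: "Global Catalog LDAP (assumed)",
}

# Address space treated as "inside the firewall" (assumption: RFC 1918 only).
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def from_internet(src):
    """True when the rule's source is not wholly inside an internal network."""
    net = ipaddress.ip_network(src)
    return not any(net.subnet_of(inner) for inner in INTERNAL)


def audit(rules, static_rpc_ports=()):
    """Return (rule name, port, reason) for each risky port reachable from outside."""
    risky = dict(RISKY)
    # Static ports pinned in the Exchange registry keys are still RPC services.
    risky.update({p: "Exchange static RPC port" for p in static_rpc_ports})
    findings = []
    for rule in rules:
        if rule["action"] != "allow" or not from_internet(rule["src"]):
            continue
        low, high = rule["ports"]
        for port in sorted(p for p in risky if low <= p <= high):
            findings.append((rule["name"], port, risky[port]))
    return findings


# Constructed sample rule set (hypothetical names and values).
SAMPLE_RULES = [
    {"name": "owa-https", "action": "allow", "src": "0.0.0.0/0", "ports": (443, 443)},
    {"name": "pptp-vpn", "action": "allow", "src": "0.0.0.0/0", "ports": (1723, 1723)},
    {"name": "outlook-rpc", "action": "allow", "src": "0.0.0.0/0", "ports": (135, 139)},
    {"name": "exch-static", "action": "allow", "src": "0.0.0.0/0", "ports": (5000, 5001)},
    {"name": "lan-gc", "action": "allow", "src": "10.0.0.0/8", "ports": (3268, 3268)},
    {"name": "old-netbios", "action": "deny", "src": "0.0.0.0/0", "ports": (137, 139)},
]

if __name__ == "__main__":
    for name, port, reason in audit(SAMPLE_RULES, static_rpc_ports=(5000, 5001)):
        print(f"{name}: tcp/{port} open to the Internet ({reason})")
```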
