[THIN] Re: OT: Exchange thru internet
- From: "Tony Lyne" <Tony.Lyne@xxxxxxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Fri, 29 Aug 2003 10:23:54 +1200
Try this, Setup an Exchange RPC filter on your firewall, Allow only Exchange
UUID's and follow KB302914.
Tony Lyne
Senior Systems Engineer
Computerland Central
P O Box 1470
PALMERSTON NORTH
Telephone (+64) 06 3537300
Facsimile (+64) 06 3566800
Mobile (+64) 0274 720696
E-mail Tony.Lyne@xxxxxxxxxxxxxxxxxx
Internet http://www.computerland.co.nz <http://www.computerland.co.nz/>
CAUTION: This e-mail message and accompanying data may contain information that
is confidential and subject to privilege. If you are not the intended
recipient, you are notified that any use, dissemination, distribution or
copying of this message or data is prohibited. If you have received this e-mail
in error, please notify me immediately and delete all material pertaining to
this e-mail. Thank you.
-----Original Message-----
From: Greg Reese [mailto:GReese@xxxxxxxxxxxxxxxx]
Sent: Friday, 29 August 2003 10:07 a.m.
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: Exchange thru internet
who does. That is kind of the downside to being offline.
:)
-----Original Message-----
From: Michael Boggan [mailto:MBoggan@xxxxxxxxxxx]
Sent: Thursday, August 28, 2003 5:57 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: OT: Exchange thru internet
with OWA they don't get there messages while offline.
_________________________________
Michael Boggan
Network Engineer/Citrix Admin
Virtual Desktop Inc.
Dallas, Texas
Ph: (972) 960-6400
Fax: (972) 960-6445
email: mboggan@xxxxxxxxxxx
http://www.virtualdesktopinc.com <http://www.virtualdesktopinc.com/>
_________________________________
For Technical Support during business hours please send email to
support@xxxxxxxxxxx or call the above toll free number for afterhours support.
-----Original Message-----
From: John Carlson [mailto:johnc@xxxxxxxxxx]
Sent: Thursday, August 28, 2003 3:40 PM
To: thin@xxxxxxxxxxxxx
Subject: RE: [THIN] Re: OT: Exchange thru internet
I have done this and the problem I ran into was performance. It
is very slow and sometimes the outlook will appear to be frozen while it
communicates with the server. My user would then go to the task manager which
would show Outlook to be (not responding) when in reality it was just
downloading some attachment or something. It was a total nightmare to support.
Why not use OWA for public folder access?
-----Original Message-----
From: Michael Boggan [mailto:MBoggan@xxxxxxxxxxx]
Sent: Thu 8/28/2003 12:21 PM
To: 'thin@xxxxxxxxxxxxx'
Cc:
Subject: [THIN] Re: OT: Exchange thru internet
The reason for doing it over the internet is 2 fold.
First, we have lots of public folders and calendars they need access too.
Second, they like the ability to sync there laptop when connected over the
internet then get in and edit everything while offline.
_________________________________
Michael Boggan
Network Engineer/Citrix Admin
Virtual Desktop Inc.
Dallas, Texas
Ph: (972) 960-6400
Fax: (972) 960-6445
email: mboggan@xxxxxxxxxxx
http://www.virtualdesktopinc.com
<http://www.virtualdesktopinc.com/>
_________________________________
For Technical Support during business hours please send
email to support@xxxxxxxxxxx or call the above toll free number for afterhours
support.
-----Original Message-----
From: Ryan Lambert
[mailto:rlambert@xxxxxxxxxxxxxxx]
Sent: Thursday, August 28, 2003 7:16 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: Exchange thru internet
I would simply publish the application through
Citrix. That way you get everything, and on a decent connection a lot less
speed degredation.
What is the reason you want "Exchange over the
Internet", anyway? I mean, you can set up POP/SMTP with ports 110/25 open and
that will be fine. But Exchange featured mail is going to be a drag for you to
support, in my opinion.
-Ryan
-----Original Message-----
From: Evan Mann
[mailto:emann@xxxxxxxxxxxxxxxxxxxxx]
Sent: Wednesday, August 27, 2003 7:58 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: OT: Exchange thru internet
not that this is relevant to Citrix, but
Exchange 2003 with Outlook 11 (2003) offers MAPI over HTTP. I'm going to do
some testing with it tomorrow in fact. Need to find out if you can SSL encrypt
it and if so, how.
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx
[mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of John Knightly
Sent: Wednesday, August 27, 2003 6:30 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: Exchange thru
internet
outlook over the internet...are you
smoking crack?
-----Original Message-----
From: Jeanne Shotton
[mailto:jeanne@xxxxxxxxxxxxxxxxx]
Sent: Wednesday, August 27, 2003 3:06 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: Exchange thru
internet
amen
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx
[mailto:thin-bounce@xxxxxxxxxxxxx]On Behalf Of M
Sent: Wednesday, August 27, 2003 5:04 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: Exchange thru
internet
Dare i mention the words Citrix Secure
Gateway ? i did think this was a Citrix forum :¬)
----- Original Message -----
From: Michael Boggan
<mailto:MBoggan@xxxxxxxxxxx>
To: 'thin@xxxxxxxxxxxxx'
Sent: Wednesday, August 27, 2003 10:53
PM
Subject: [THIN] Re: OT: Exchange thru
internet
yeah i changed the DS and IS ports to
5000 and 5001 respectively and had all this working using RPC on the 135
working. but had to close 135 when blaster came out. if you find a way to
change the 135 to somethign else, i'd really like to. i have many users wanting
the outlook over the internet to work again.
_________________________________
Michael Boggan
Network Engineer/Citrix Admin
Virtual Desktop Inc.
Dallas, Texas
Ph: (972) 960-6400
Fax: (972) 960-6445
email: mboggan@xxxxxxxxxxx
http://www.virtualdesktopinc.com
<http://www.virtualdesktopinc.com/>
_________________________________
For Technical Support during business
hours please send email to support@xxxxxxxxxxx or call the above toll free
number for afterhours support.
-----Original Message-----
From: Henry Sieff
[mailto:hsieff@xxxxxxxxxxxx]
Sent: Wednesday, August 27, 2003 4:07 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: OT: Exchange thru
internet
You can change the endpoint itself (the
link I sent describes that process). The endpoint mapper is a different ball of
wax. If you did actually do that, then I am absolutely all ears, since this is
a perennially recurring topic on several security mailing lists I am on, and
the general consensus has always been: don't allow exchange access direct from
the internet because of all the nasties out there.
Anyways, let me know what you find.
-----Original Message-----
From: Magnus [mailto:magnus@xxxxxxxx]
Sent: Wednesday, August 27, 2003 3:29 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: Exchange thru
internet
If I recall correctly we did change the
RPC endpoint for it. I will have to double check my notes though (I could be
wrong)
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx
[mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Henry Sieff
Sent: Wednesday, August 27, 2003 3:20 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: OT: Exchange thru
internet
Nope. You can change the ports exchange
uses, but not the RPC endpoint mapper port on 135.
http://support.microsoft.com/default.aspx?scid=kb;en-us;155831 details how to
change the ports exchange uses, but there is no way to change the RPC endpoint
mapper service port number. Keep in mind that the client still has to identify
which ports the exchange service is listening on, and that requires a service
which uses a port that the client knows about ahead of time, in this case, RPC
on 135.
-----Original Message-----
From: Magnus [mailto:magnus@xxxxxxxx]
Sent: Wednesday, August 27, 2003 11:02
AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: Exchange thru
internet
Actualy you change change the port to a
static port(by default it will dynamically assign the port once it gets
connected) even the TCP 135 port. There are a couple of MS KB's on it (sorry I
dont have the numbers) I ended up calling ms and I had it set up in about 20
minutes
Magnus
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx
[mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Henry Sieff
Sent: Wednesday, August 27, 2003 11:49
AM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: OT: Exchange thru
internet
To use the full exchange server client,
you must open up the RPC endpoint mapper port (135). You can set which port
exchange actually ends up using, but 135 is used to initiate the process
whereby the client learns that port number.
-----Original Message-----
From: Michael Boggan
[mailto:MBoggan@xxxxxxxxxxx]
Sent: Wednesday, August 27, 2003 10:41
AM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] OT: Exchange thru
internet
I want to be able to hit my exchange
thru the internet but to do it it says that the RPC port 135 has to be opened.
Well I don't want to do that for obvious reasons. Is there a way to change
which port the RPC uses for exchange?
_________________________________
Michael Boggan
Network Engineer/Citrix Admin
Virtual Desktop Inc.
Dallas, Texas
Ph: (972) 960-6400
Fax: (972) 960-6445
email: mboggan@xxxxxxxxxxx
http://www.virtualdesktopinc.com
<http://www.virtualdesktopinc.com/>
_________________________________
For Technical Support during business
hours please send email to support@xxxxxxxxxxx or call the above toll free
number for afterhours support.
Other related posts: