Mike, I'll reply to you in detail off list as it's a bit away from mainstream on this list. I don't mind copying anyone else who'd enjoy the debate. Cheers, Roger -----Original Message----- From: Mike [mailto:mchen@xxxxxxxxxxx] Sent: 24 May 2005 14:36 To: [ExchangeList] Subject: [exchangelist] RE: Back-End server problem http://www.MSExchange.org/ Hi Roger, Thanks a lot for your help. Because we can't just block port 80 on the Back-end server. So setup IPSec filter must be the best way. But i have never tried this before and don't know how to setup. Could you tell me more detail info about doing this? actually, for some reason i don't want users to 'touch' Back-end server and only the Front-end server (OWA) works for users. so any idea,info,or advice for doing this will be OK. Thanks again. Mike > Mike, > > Front end talks to backend via port 80 so you can't just block that > port. You could selectively IPSec filter port 80 to permit only the front > ends to chatter to the backends. Don't know how easy that would be in your > situation. > > We are experimentally constructing a rig to do just this so we can > offer specific advice based on what we've done. > > regards, Roger Mackenzie (Glasgow University) > > -----Original Message----- > From: Mike [mailto:mchen@xxxxxxxxxxx] > Sent: 23 May 2005 15:18 > To: [ExchangeList] > Subject: [exchangelist] Back-End server problem > > http://www.MSExchange.org/ > > Hi, > I have setup a Front-End server with Exchange server 2003 and OWA works > fun. Now i want to block OWA on the Back-End server (Exchange 2003). That > means I just want our users can only log onto OWA with the Front-End > server IP address ( Http://front-end ip/exchange)and do not want users log > onto the OWA with the Back-End server IP address (Http://Back-end change). > But I have no idea for doing this. so Could anyone tell me how to do it? > Thanks. > > Mike > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist > Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp > Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com > Leading Network Software Directory: http://www.serverfiles.com > No.1 ISA Server Resource Site: http://www.isaserver.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this MSEXchange.org Discussion List as: > r.mackenzie@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist > Report abuse to listadmin@xxxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this MSEXchange.org Discussion List as: r.mackenzie@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Report abuse to listadmin@xxxxxxxxxxxxxx