inside users cannot get to OWA server in DMZ

[ianbla]

I have it up & running. Exchange 2000 Enterprise in the DMZ, Exchange 2000 on the inside, all necessary ports on the PIX open, SSL installed. Everything works fine, just a couple of questions.

from inside I cannot get to

https://mail.ourcompany.co.uk/exchange

1) I have put in an entry on the internal DNS to point the hostname mail > 172.16.128.103, I can nslookup and get the right result but still cannot enter

https://mail.ourcompany.co.uk/exchange

2) What extra security steps can I take on the DMZ machine, it has W2K SP3 and Exchange SP3, only 80 & 443 are open on the firewall, is this good enough?

Many thanks
Ian.

 

[gbiello]

I haven't yet done it myself, but this may help: Q280132 (Exchange 2000 Windows 2000 Connectivity Through Firewalls).

-gbiello

 

[routerman]

Where are you doing the nslookup from?

I had a similar sounding problem, found out that the DNS response was from an external DNS. I had to use DNS Alias command to translate the external DNS response to the correct internal value.

 

[ianbla]

I think I have found the problem, we use a proxy server, on that proxy was DNS settings that did not include my internal DNS server, it was therefore going out to an external DNS server getting the public address and then getting confused.

I have added the internal DNS server as the first DNS and it seems to work.

Mmmmm. I blame the guy before me