Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

OWA Port Question

Status
Not open for further replies.
MoaTad

MoaTad

Programmer
Jun 7, 2002
27
US
In our firewall, I can direct port 80 to the IP of the Exchange 2003 server and OWA is avaliable externally.

The problem is, we normally have port 80 directed to our web server. I tried directing port 80 to both IPs by making an entry for each and also by directing to a range that contained both IPs. Neither way worked.

Is this an either/or situation or can I direct port 80 to both?

I thought about making our web server (Windows Server 2000) do double duty as an Exchange front-end server, but I don't know if this is a good idea.

Any ideas would be appreciated!
 
Sort by date Sort by votes
Sounds like you need a better firewall. One with more than one incoming NAT address. Watchguard has some nice ones but they cost 1k and up.
 
Upvote 0 Downvote
If you choose to expose you Exchange backend server to the Internet, all that is required for OWA to work is to have port 80 open.
I can do this by changing the firewall settings so that port 80 is open to the Exchange server instead of our webserver (of course this makes our website unavailable).

My firewall also has the ability to open port 80 to both machines at the same time, but when I do that, neither the website or OWA works.

I guess my question is, with port 80 open to both machines, how do I make HTTP requests for the webserver go to the webserver, and HTTP requests for the Exchange server go to the Exchange server?
 
Upvote 0 Downvote
My advice is implement a front end exchange soltuion. I did what your doing and within 10 m ins of me opening the port some hacker was in and trying to TFTP mail off the server.

Im now running exchange 2003 and use an SSL cetificate on the server that runs outlook web access on a diff IP to the main server.

Just rem when u open up the port directly to your exchange server your asking for some1 to have a crack at it,

Best practise is to try not use your main exchange box and guide any nasties to aanother box that then feeds from your main exchange.

 
Upvote 0 Downvote
I understand the need for the front-end solution, but I also like the idea of installing OWA on the web server. There will be only about 5 OWA users and probably only 2 of those will use it even once a day. So I don't figure bandwidth will be a problem.

I wasn't aware you could install just OWA.

What is the difference (particularly security-related) between the front-end server arrangement and just installing OWA on a seperate machine?

Thanks for the feedback!!

 
Upvote 0 Downvote
MoaTad,

im currently in the same predicament but the way im planning to get around it which i believe is the best way to do it, is to run OWA through SSL via creating my own certificate. Rather than port 80 it would be coming in through port 443, this would be alot more secure as well as keeping port 80 solely for my web server.

The tutorial i was going to use is at,

FAM
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

microsGuy16
  • Locked
  • Question
Global Address List Names not showing in Outlook OWA 365
Replies
0
Views
2K
microsGuy16
microsGuy16
ponoodle
  • Locked
  • Question
Disabling OWA for on prem Exchange while in a hybrid envirenment.
Replies
0
Views
1K
ponoodle
ponoodle
Amaksoud396
  • Locked
  • Question
Exchange 2016 sizing questions
Replies
0
Views
64
Amaksoud396
Amaksoud396
lwhalo
  • Locked
  • Question
Domain Admins - Active Sync/OWA question
Replies
1
Views
97
ntinlin
ntinlin
joblack23
  • Locked
  • Question
owa lock
Replies
0
Views
59
joblack23
joblack23

Part and Inventory Search

Sponsor

Back
Top