PIX/Exchange 5.5/Remote MS Outlook Synchronization 1

Status
Not open for further replies.

5084

IS-IT--Management
May 2, 2001
10
US
We have implemented a Cisco PIX on our corporate WAN and we now have a problem where our remote Internet dialup users can not synchronize their mail.

Background:
- We are running private addresses on the WAN.
- Our Exchange 5.5, PDC/WINS, and internal DNS server are all behind PIX.
- Our internal servers and workstations are using an internal DNS domain name.
- Remote users are using Win98 laptops with MS Outlook 2000.
- The Exchange server has a public DNS hostname.
- The PIX has a static IP address mapping to our Exchange server’s internal private IP address.
- The PIX also has a static IP address mapping to our WINS server’s internal private IP address.

What is happening:
- Remote users are using the public IP address for WINS.
- They can see and browse the PDC via the Network Neighborhood.
- They can only see (not browse) the Exchange server via the Network Neighborhood.
- They can not synchronize offline folders or connect directly to the Exchange server.
- By using the “local hosts” file on the remote user’s laptop, Exchange synchronization is successful, but the laptop can only then be used outside of the corporate WAN. The problem is that these remote/travel users take their laptops back to the corporate WAN (i.e. the “local hosts” file will point the server name to a public IP address, but the server actually has a private IP address).
 
I also forgot to mention that before the PIX was installed our Internet router was performing NAT and everything worked.

Once we installed the PIX, we ran into this problem with remote users.
 
5084,

I'd suggest removing the static mapping to your WINS server; you don't want to open that up to the Internet. You're compromising your entire network. Instead, open port 135 to your Exchange Server, and the ports you force for the IS and DS (see MS knowledgebase article q155831). On your remote user machines, add an entry to the HOSTS file (or LMHOSTS, but resolution is slower) like:

xx.xx.xx.xx mailserver # replace mailserver with your Exchange server's NetBIOS name

The hosts file is located in \winnt\system32\drivers\etc on NT and Win2K systems, and \windows on Win9x/ME systems. Make sure the extension ".sam" is not appended. If your system is configured to hide extensions for known file types it will appear as though the extension is not there when in fact it is.

Open a command prompt on the client and verify you can ping by the Exchange server's NetBIOS name (only if you allow ICMP in your PIX's security policy). If you can, and the ports on the firewall are open, and the registry edited correctly on your server, the client will connect as if it were on the local network.

sh0x
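
An added example, not part of the original thread: a Python check for the HOSTS-file approach in the reply above, covering the hidden ".sam" extension and the on-LAN/off-LAN conflict described in the question. The server name `mailserver`, the addresses, the function names and the finding labels are constructed for illustration.

```python
import ipaddress

# RFC 1918 ranges, listed explicitly: ipaddress.is_private also covers
# documentation ranges such as the 203.0.113.0/24 address used in SAMPLE.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample hosts file; the name and addresses are made up.
SAMPLE = """\
127.0.0.1      localhost
xx.xx.xx.xx    mailserver   # placeholder that was never replaced
203.0.113.10   MAILSERVER   # stands in for the address mapped on the PIX
"""

def parse_hosts(text):
    """Map each lower-cased host name to the IPv4 addresses listed for it."""
    table = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()   # strip comment, tokenize
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.IPv4Address(fields[0])
        except ValueError:
            continue                            # unedited placeholder or junk
        for name in fields[1:]:
            table.setdefault(name.lower(), []).append(ip)
    return table

def hosts_file_status(filenames):
    """Classify a directory listing: is the file really named 'hosts'?"""
    names = {f.lower() for f in filenames}
    if "hosts" in names:
        return "ok"
    return "sample-extension" if "hosts.sam" in names else "missing"

def check_entry(text, server, on_corporate_lan):
    """Return findings for the hosts entry of `server` given laptop location."""
    ips = parse_hosts(text).get(server.lower(), [])
    if not ips:
        return ["no-usable-entry"]
    findings = []
    if len(set(ips)) > 1:
        findings.append("conflicting-entries")
    internal = any(ips[0] in net for net in RFC1918)  # judge the first entry
    if on_corporate_lan and not internal:
        findings.append("public-address-while-on-lan")
    if not on_corporate_lan and internal:
        findings.append("private-address-while-remote")
    return findings
```
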
 
sh0x,

Thanks for the feedback. I'll give that a shot today. I appreciate the response.

Sincerely,

5084
 