[WBEL-users] SendMail Gateway

[Simone]

Hi,

 >You might want to keep in mind, that in such a case the OWA interface is
 >going to be exposed on-line to anyone who wants to look at it.

I know it sounds not reasonable, and I agree, but right now this is exactly 
the way it is working. Exchange HAS a public IP and it is not protected by 
any firewall (crazy?? yes it is). So people go to the web page and log in. 
My boss wants to keep it as easy as it is now for users, so teaching people 
to connect to the right server is not going to happen. To stay easy I have 
to give people one only address (the apache server with reverse proxy) and 
then make users insert login in the first page and being redirect to the 
right OWA. This way I think is the easiest one (we have around 250 users so 
I am confident Apache wouldn't be too stressed even on a medium hardware), 
and can put the web server behind the cisco pix 525 firewall. On the other 
hand, sendmail will be the front end for delivering incoming messages to 
the exchange servers users mailboxes, where users connect from the inside 
VPN directly via Microsoft Outlook.
Does it make sense to you? Not sure I have been able to explain myself.

There are things here I cannot change (right now  ;-) ), and I have to move 
carefully in this battle.

Any opinion, suggestion / correction very appreciate.

Thanks a lot, have a nice day

Simone


At 15:49 28/06/2004, Karanbir Singh wrote:
>Hi Simone,
>
>
>Simone wrote:
>>I haven't been clear on one point, my fault. We have to stay on Exchange, 
>>and users have to keep on using Outlook Web Access, this is a
>
>ah!
>
>>We would like to have a front web server that could redirect to the 
>>correct exchange web page depending on the login. In this scenario, even
>
>An easier way of doing something like this ( well, easier to maintain
>anyway ) would be to setup ip/port forwarding on the gateway machine.
>Then setup 3 different ports that people can use.
>
>eg. to login to machine-1 you could use http://publicIP:8081/ for
>machine-2 you can have http://publicIP:8082/ and finally you can have
>http://publicIP:8083/ for machine-3.
>
>Then just setup inward port forwarding. What firewall are you using ? If
>you let us know, I am sure someone should be able to guide you on how to
>setup something like this.
>
>You might want to keep in mind, that in such a case the OWA interface is
>going to be exposed on-line to anyone who wants to look at it.
>
>Lastly, (phew!) another options : setup Squid to do reverse proxy for
>you. You can build in some Authentication at the gateway then. Plus (
>arguably ) squid has a smaller footprint than Apache.
>
>- K
>
>--
>Karanbir Singh
>
>http://www.karan.org/
>ICQ : 2522219 - Yahoo IM : z00dax
>GnuPG Public Key : http://www.karan.org/publickey.asc
>
>
>_______________________________________________
>Whitebox-users mailing list
>Whitebox-users@beau.org
>http://beau.org/mailman/listinfo/whitebox-users

 
 
 --
 Email.it, the professional e-mail, gratis per te: http://www.email.it/f
 
 Sponsor:
 La Pasta di Gragnano comprala su Terrasolis.com
 Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=2498&d=28-6click.cgi?mid=1650&d=28-6 
 Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=2120&d=28-6