How to allow access to OWA to selected external users?

Announcements

ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.

Reply
Highlighted
L2 Linker

How to allow access to OWA to selected external users?

Hello everyone,

I was hoping to get couple ideas on the problem that we currently have and cannot give a solution yet.

About a year ago we were able to migrate our old firewalls infrastructure to PAN.

We had 1 firewall facing internet(Sidewinder) - basically for Destination NAT functions, MS ISA server as proxy and main firewall (behind Sidewinder) and Microsoft TMG for IPSec VPN only.

We have migrated all of these legacy devices to a A/P Pair of 5050 with vsys - 1 vsys for Sidewinder, 1 vsys for ISA and 1 for TMG.

Now, because of native functionality of ISA Server, our customer was able to select certain outside(external) users to allow access to Public OWA portal while blocking the rest and users located inside customer's network all were able to connect to OWA.

After we've culminated migration, this functionality being lost and it is very important to implement something similar.

The tools available to us at this moment are:

PA5050 with 22 vsys available

AD access

Captive Portal

We were working on Reverse Proxy from other brands, but it requires additional cost and we are not allowed to do so.

Please, any ideas or help would be extremely appreciated.

Thanks in advance,

Val

Highlighted
L4 Transporter

You could create a rule leveraging CP. First create a rule in CP to the external IPs to prompt user with the CP page.  Then create a security rule to allow access by source IP filter (based on static IP address or a geographic location) and by source user in a specific AD group to be able to login.

Highlighted
L0 Member

what about if i want to do the same for other application , i mean for exchange Active Sync  on mobile too

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!