Newbee Needs Help

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Newbee Needs Help

Not applicable

I am trying to setup outlook web access (Exchange 2010) for my network.

Here is what I have done thus far:

Object -> Addresses: Setup the internal address of the exchange server.

Policy -> Security: Created a rule with the following data (Name: owa - Source Zone: untrusted - Address/User: any - Dest Zone: trusted - Dest Address: OWA - Dest Application: Outlook-web (factory defined) Dest Service: service-https (Factory Defined)

When I go to commit the changes I get this:

device: Rule 'OWA' application dependency warning:

- Application 'outlook-web' requires 'ssl' allowed in the policy

- Application 'outlook-web' requires 'web-browsing' allowed in the policy

Configuration committed successfully

Not sure what its telling me to do..

Thanks in advance

Wayne

6 REPLIES 6

Not applicable

Never Mind - I figured it out..

Sweet!!!!

Okay maybe not.

Dont know what needs to happen to connect from the outside world..

Do you have an Inbound NAT rule associated with the security policy? Untrust to Untrust for the zones, public facing ip for the destination address and then dnat it to your private ip address hosting the services in question.

Hi Thanks,

Can you break it down for me,

remember i am a newbee..

Here is the NAT policy I have

SZ: untrust DZ: trust DI: none SA: any DA: OWA ST: dyn ip & port ether1/3 & my pubic ip DT: address:owa port:433

Is this on the right track?

Hi,

For any incoming connection, the NAT policy shouldbe like this:

Original

SRC Zone: untrust, src IP: any

Dst Zone: untrust, dst IP: public IP of OWA

Translated:

Src IP: any any

Dst IP: private IP, Static IP

For security:

Src Zone: Untrust, src IP: any

Dst Zone: DMZ, dst IP: public IP

Application: SSL (as OWA is encrypted)

Regards,

Jones

- Application 'outlook-web' requires 'ssl' allowed in the policy - In your policy In services allow tcp-443

- Application 'outlook-web' requires 'web-browsing' allowed in the policy - In your policy In services allow tcp-80.

See if this helps.

  • 3183 Views
  • 6 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!