Security Basics mailing list archives
OWA/Exchange/Apache
From: José Enrique Díaz Jolly <enrique () podernet com mx>
Date: Mon, 8 Dec 2003 19:49:44 -0600 (CST)
I don't know for sure if this is the appropriate group for posting such a question, but I have had some troubles trying to find the appropriate way for reverse proxying an OWA. The architecture I am trying to use is to reverse proxy an OWA running on the same server as the Exchange. What I have tried to do is either using ProxyPass or Rewrite Rules to reverse proxying my OWA. I have had no success even when I have found several "recipies" all of them that work successfully with oter applications. I have configured my Apache on a server located on my DMZ, pointing through DNS webmail.domain.com as the external address, my internal address with no name and on the splitted horizon DNS a name for the OWA server. After all that I have added an /etc/hosts record pointing back to owa server but with the name of the external webserver listening to webmail name. I wonder If someone has achieved successfully such a schema for exposing owa without using the "seems to me too insecure" front-end/back-end that the Redmond's company proposes. the configuration in general lays as follows: DNS: webmail.domain.com A 200.x.y.z ; this address is listened ; by Apache as Reverse ; Proxy Internal splitted DNS: owaserver.domain.com A 172.16.w.v ; The OWA /etc/hosts webmail.domain.com 172.16.w.v This last one as is suggested on several recipies for the inner side of apache "translates" the propper name. The apache configuration I think right now has no sense as it works with several other applications served as well by other Apaches. But the question is where is the trick on the OWA+IIS configuration? I have tried using or forcing the different server names on the header section but still something is wrong. I have tried to seek get the whole configuration through a proxy that resolves not what is on my internal network and everything worked, but this was because my browser was able to "map" my OWA server from inside the network, but if I try to get it thro a fully internet connection I can get authentication but not the wished results. Can anyone point me to the propper direction? Please? -- " 'Tis true; there's magic in the web of it!" William Shakespeare, Othello (III.iv.69) "The river is within us, the sea is all about us." -- T.S.E. =============================================================================== José Enrique Díaz Jolly e-mail: enrique () podernet com mx Fax: +52 (55) 5212-0360 =============================================================================== @(#) $Id: signature,v 1.6 2003/09/06 04:29:31 enrique Exp $ --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- OWA/Exchange/Apache José Enrique Díaz Jolly (Dec 09)
- Re: OWA/Exchange/Apache Morten Grouleff (Dec 15)