Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

OWA, OMA and security


  • Please log in to reply

#1
jaxisland

jaxisland

    Member 1K

  • Member
  • PipPipPipPip
  • 1,703 posts
I currently have OWA enabled for some traveling users. To connect they have to use a unique port in the url, use SSL, and require a user certificate they requested.

Now Im trying to connect and Iphone, Blackberry, and BlackJack II to the exchange server for email. I have found that it works if I disable the required user certificate. But now anyone can see the login page to my OWA. Is there some other security measure I can put in place that will lock down my OWA but still allow Exchange to sync to mobile devices?

Thanks
  • 0

Advertisements


#2
anzenketh

anzenketh

    BSOD Warrior/Computer Surgeon

  • Technician
  • 2,854 posts
jaxisland,

How did you generate the SSL CERT? You should be able to do a default deny on the IP's and allow VPN but that is a bit difficult to setup too.

Edited by tuxmaster, 11 August 2008 - 11:32 PM.

  • 0

#3
jaxisland

jaxisland

    Member 1K

  • Topic Starter
  • Member
  • PipPipPipPip
  • 1,703 posts
Im using my CA on my servers, so its a self-signed cert. Not acceptable for most mobile devices. I bought a thawte cert for the webmail page, but it doesnt change the fact that I would have to disable Require Cert on my Exchange directory in IIS.
  • 0

#4
anzenketh

anzenketh

    BSOD Warrior/Computer Surgeon

  • Technician
  • 2,854 posts

Not acceptable for most mobile devices.


That was exactly my train of thought.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP