re: How do folks firewall MS Exchange?

From: Carson, Joe (JCarsonat_private)
Date: Tue Oct 12 1999 - 11:18:39 PDT


    Dan,
    
      If you simply need client access, try Outlook Web Access using SSL.  I
    have not heard of any issues with it "yet".  It sounds like you already
    tunnel certain protocols into your network.  You could do the SSL directly,
    or you could possibly tunnel the SSL connection through the SSH port
    redirector.  There are a lot of unknowns there such as: What operating
    systems and SSH clients are you using, Can you get the SSH authentication
    front end to work with OWA, Have you looked at other VPN alternatives....
    
      If your users need the Outlook Express client, MS Exchange can encapsulate
    IMAP and POP3 within SSL.  I strongly recommend that you research these
    services before implementing them within your security architecture.  I only
    know of their availability, but have not tested them myself.
    
      Anyone else want to weigh in here?
    
      Be very careful! 
    
    Joe
    
    Joe Carson
    CCNA, CCDA
    Senior Network Security Engineer
    Smartronix, Inc.
    ======================================================================
    Original Message:
    How do folks work access to an MS Exchange server through a firewall?
    
    We are under pressure to install MS Exchange in our mixed unix/NT
    environment and allow access from outside our local network.
    
    I checked the archives and didn't find anything that helped me.
    
    Currently we limit outside access from the Internet to ssh to a unix host.
    Port forwarding makes it possible to do all of the things that have been
    required in the past. But now the folks on the sales side of the company
    want to have MS Exchange installed so they can use its calendaring and
    other functions.
    
    We have attempted to use the port forwarding to make exchange work and we
    have also tried Lotus Notes. No luck. Maybe we have missed something. This
    would be our preferred approach.
    
    So we are now looking for a firewall solution to this problem. Have any of
    you out there encountered this problem? How did you solve it?
    
    Thanks.
    
    /dan
    
    -- 
    
    Dan Schlitt
    schlittat_private
    


