This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9.2 and Exchange Server 2010

Hi,

I'm new to Sophos UTM I was using Forefront TMG and now is time to switch..

I'm trying to publish Exchange 2010 web services (OWA, OAB, ECP, EWS, ActiveSync and Outlook Anywhere) following your guide :

https://sophserv.sophos.com/repo_kb/120454/file/Exchange%20WAF%20How%20to%209%202.pdf

But there is some problems [:S]

First of all

if I have only one Exchange server I can only have one virtual Web Server in your guide there is 3 virtual web servers and so only one firewall profile
So security is less.. how to resolve this ?

Second bug

Clients with smartphones (like iphones) can't connect

Third bug

LDAP seems to not work from outside

Do you have a more recent guide or a kb article

Thanks in advance

This thread was automatically locked due to age.

Parents

0 TJHooker74 over 10 years ago

Hi!

I use exactly your configuration: One single EX2010-Server an UTM.

You can in deed have several "Virtual Webservers" with only one "Real Webserver".

Sophos thinks of different "Virtual Servers" for different Taks (one for Outlook Anywhere, one for Autodiscover and on for all other services), even if they Point to one Real Webserver.

I had to deactivate "HTTP Policy" in the Firewall-Profile "Exchange - All other Services" for bringing ActiveSync to work.

Maybe you speak german?
https://community.sophos.com/products/unified-threat-management/astaroorg/f/68/t/62350

TJ
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 TJHooker74 over 10 years ago

Hi!

I use exactly your configuration: One single EX2010-Server an UTM.

You can in deed have several "Virtual Webservers" with only one "Real Webserver".

Sophos thinks of different "Virtual Servers" for different Taks (one for Outlook Anywhere, one for Autodiscover and on for all other services), even if they Point to one Real Webserver.

I had to deactivate "HTTP Policy" in the Firewall-Profile "Exchange - All other Services" for bringing ActiveSync to work.

Maybe you speak german?
https://community.sophos.com/products/unified-threat-management/astaroorg/f/68/t/62350

TJ
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 juve over 10 years ago in reply to TJHooker74

First of all thanks to take time to help a newbie in sophos utm world

I want to publish exchange services to the web

Outlook Anywhere RPC
OWA, OAB, ECP,EWS, Microsoft-Server-ActiveSync and Autodiscover

All roles are on the same physical computer this one has only one computer name and certificate for this unique host name.

I have followed this guide :
https://sophserv.sophos.com/repo_kb/120454/file/Exchange%20WAF%20How%20to%209%202.pdf

I get and error if I try to start more than one virtual web server item is already used...

So I make only one virtual webserver with minimal security config

I can access to OWA from an internet browser but when connecting with an iPhone the connection fails

the utm log reports :

840] [client 77.128.15.208:49530] No signature found, URI: https://mail.***x.com/Microsoft-Server-ActiveSync?User=d.luis@***x.com&DeviceId=ApplDNQH7YYRDTC0&DeviceType=iPhone&Cmd=FolderSync
2014:09:29-22:44:55 utm-01 reverseproxy: id="0299" srcip="77.128.15.208" localip="212.234.179.***" size="224" user="d.luis@***x.com" host="77.128.15.208" method="POST" statuscode="403" reason="url hardening" extra="No signature found" exceptions="-" time="446689" url="/Microsoft-Server-ActiveSync" server="mail.***x.com" referer="-" cookie="-" set-cookie="-"
2014:09:29-22:45:03 utm-01 reverseproxy: id="0299" srcip="77.128.15.208" localip="212.234.179.***" size="0" user="d.luis@***x.com" host="77.128.15.208" method="OPTIONS" statuscode="200" reason="-" extra="-" exceptions="SkipURLHardening" time="55204" url="/Microsoft-Server-ActiveSync" server="mail.***x.com" referer="-" cookie="-" set-cookie="-"
2014:09:29-22:45:04 utm-01 reverseproxy: [Mon Sep 29 22:45:04.145153 2014] [url_hardening:error] [pid 30455:tid 4038482800] [client 77.128.15.208:49541] No signature found, URI: mail.***x.com/Microsoft-Server-ActiveSync
2014:09:29-22:45:04 utm-01 reverseproxy: id="0299" srcip="77.128.15.208" localip="212.234.179.***" size="224" user="d.luis@***x.com" host="77.128.15.208" method="POST" statuscode="403" reason="url hardening" extra="No signature found" exceptions="-" time="32082" url="/Microsoft-Server-ActiveSync" server="mail.***x.com" referer="-" cookie="-" set-cookie="-"
2014:09:29-22:45:10 utm-01 reverseproxy: [Mon Sep 29 22:45:10.814451 2014] [url_hardening:error] [pid 30455:tid 4038482800] [client 77.128.15.208:49541] No signature found, URI: mail.***x.com/Microsoft-Server-ActiveSync
2014:09:29-22:45:10 utm-01 reverseproxy: id="0299" srcip="77.128.15.208" localip="212.234.179.***" size="224" user="d.luis@***x.com" host="77.128.15.208" method="POST" statuscode="403" reason="url hardening" extra="No signature found" exceptions="-" time="34186" url="/Microsoft-Server-ActiveSync" server="mail.***x.com" referer="-" cookie="-" set-cookie="-" path=/owa/;httponly;secure"

I have also open a ticket with Premium support but the only response was look at our Best Practice guide

I pay these guys to have this reponse this is unacceptable!

If I replace Sophos UTM 320 by Microsoft Forefront TMG all functions Work, idem with Fortigate but I want to switch to use an European product

If you can, help by be sending screen copys of you configuration you will save my day.

Thanks a lot
Cancel
Vote Up 0 Vote Down

Cancel