Reverse Proxy for Microsoft Exchange server

This entry was posted in Reverse-Proxy on by

The 2.25.102301 Artica version or above allows you to protect your Microsoft Exchange server 2010/2013 trough the Reverse-Proxy service.

On the Artica Reverse Proxy.

On the Reverse-Proxy section and Web sites, click on New server

23-10-2015 02-00-27

  • Turn to green the Microsoft Windows Exchange option.
  • Define the public host-name of your reverse proxy service.

23-10-2015 02-02-04

  • On the Next section, define where your MS Exchange server is.

23-10-2015 02-03-30

  • Confirm your settings and click on build settings

23-10-2015 02-04-50

  • For MS Exchange 2013, click on your added website

23-10-2015 02-06-44

 

  • Click on ECP tab in order to restrict accesses to the configuration Manager to only IP/networks listed on this section.

 

23-10-2015 02-08-14

On the MS Exchange server 2010

  • Open the Administration console, go into Client Access add the address set for the reverse proxy in External URL section.
  • Set it for all services.

2017-08-03_16-58-58

On the MS Exchange server 2013

You can add external URLs trough the Web console

2016-02-23-14_51_47-virtual-directories---Microsoft-Exchange

 

With command-Line:

Obtain identity information for the Set-OutlookAnywhere command, run the following command:

C:\> Get-OutlookAnywhere | fl

23-10-2015 02-18-05

Identities are case insensitive, and generally include spaces, parentheses, and backslashes, as in these examples for a server called MSEXCH01

MSEXCH01\Rpc (Default Web Site)
MSEXCH01\mapi (Default Web Site)
MSEXCH01\Autodiscover (Default Web Site)

Configure the external hostname for Outlook Anywhere.

C:\> Set-OutlookAnywhere -ExternalHostname webmail.company.tld -identity "serverRpc (Default Web Site)"

Configure Basic authentication for Outlook Anywhere.

C:\>Set-OutlookAnywhere -ExternalClientsRequireSsl 1 -DefaultAuthenticationMethod basic -ExternalClientAuthenticationMethod basic -IISAuthenticationMethods basic -InternalClientAuthenticationMethod basic

Configure Autodiscover.

C:\>Set-AutodiscoverVirtualDirectory -LiveIdNegotiateAuthentication 0 -WSSecurityAuthentication 0 -LiveIdBasicAuthentication 0 -BasicAuthentication 1 -DigestAuthentication 0 -WindowsAuthentication 0 -OAuthAuthentication 0 -AdfsAuthentication 0

Configure Offline Address Book (OAB).

C:\> Set-OabVirtualDirectory -WindowsAuthentication 0 -BasicAuthentication 1 -ExternalUrl https://webmail.company.tld/oab

Configure MAPI ( Exchange 2013 SP1)

C:\>Set-MapiVirtualDirectory -ExternalURL https://webmail.company.tld/mapi -IISAuthenticationMethods Basic

Enable MAPI Over HTTP ( Exchange 2013 SP1)

C:\>Set-Organ

 

Leave a comment