You've poked so many useful holes on one side that you've compromised the full functionality of what would be a DMZ.
Why not just open 443 (HTTP over SSL) right through and put the OWA server inside? Just my opinion, of course. William -----Original Message----- From: Dimitri Limanovski [mailto:[EMAIL PROTECTED]] Sent: Friday, March 15, 2002 11:36 AM To: MS-Exchange Admin Issues Subject: RE: Confirm: OWA from DMZ<->Exchange from LAN Meaning..? -----Original Message----- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: Friday, March 15, 2002 2:33 PM To: MS-Exchange Admin Issues Subject: RE: Confirm: OWA from DMZ<->Exchange from LAN You, sir, no longer have a DMZ. -----Original Message----- From: Dimitri Limanovski [mailto:[EMAIL PROTECTED]] Sent: Friday, March 15, 2002 11:29 AM To: MS-Exchange Admin Issues Subject: Confirm: OWA from DMZ<->Exchange from LAN I just want to confirm that (as per Q259240), all I need to allow from the OWA server, located on the DMZ to the Exchange server located on the LAN and vice versa are the following ports: OWA->Exchange 1. Directory Service: anything that's not immediately after 1023 range (1225 in MS example); 2. Information Store: same as above (1226 in MS example); 3. Endpoint Mapper: port 135 Exchange->OWA 1. RPC communication: 1024 through 65535 Is this correct? Anything else needs to be done? Thanks! List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm