Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 1332 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF and OMA / EWS

DiePlage
Hello Folks,

I was wondering if there was some kind of best-practise guide for setting up the WAF with OWA / OMA / EWS.
I suppose this is one of the most popular scenarios in which WAF ist used.

I've found this thread:
https://community.sophos.com/products/unified-threat-management/astaroorg/f/55/t/44114

Unfortunately I don't have a second external IP atvailable so I think I have to reconfigure at least User Portal and SSL-VPN to use a different port. On the other hand, both applications share the same port already. How is this done?

Any hint is greatly welcome as this is my first time with WAF.

Cheers!


This thread was automatically locked due to age.
  • 0
    It's probably less work to use a different port for OWA.  So, your virtual web server would listen, say, on port 1443, but the associated real web server would be defined with port 443.

    Does that do what you want?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Bob, what would this board be without you....

    Initially I didn't want to change the default port for exchange-activesync (https) because the iPhone doesn't provide a field to change the server-port.
    HOWEVER, after some quick research, I found out that you can just enter server[:P]ort into the server field.

    So I changed the WAF virtual-server port to something <> 443 and it works like a charm.
    For the sake of the search-function: I had to disable HTML-rewriting and cookie signing to get exchange-activesync to work.

    Thanks a lot!
  • 0
    For the sake of the search-function: I had to disable HTML-rewriting and cookie signing to get exchange-activesync to work.


    Thanks for that tip!

    Cheers - Bob
    PS If anyone else comes by here - Astaro support has an article on doing this:
    https://support.astaro.com/support/index.php/Outlook_Web_Access_and_Microsoft_Server_ActiveSync
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Cookie Information Banner