cancel
Showing results for 
Search instead for 
Did you mean: 

Inbound web-site filtering

SOLVED
Here to help

Inbound web-site filtering

Looking for some help please?

I have a NAT rule that forward https on a specific IP to my exchange box for activesync. Works fine

I want to prevent external access to oulook anywhere and the admin pages of exchange.

Reseller advises me way to work is add a firewall block on https://domain.co.uk/ecp and https://domain.co.uk/rpc 

However I still get access and I think it's cos of the NAT rule. Does it not unconditionally forward?

 

Is it possible to do what I want, and if so can you advise  how?

 

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Kind of a big deal

Re: Inbound web-site filtering

Because it is encrypted you can not do this on the MX.

 

I think ecp is used for setting "Out of office" messages.  So if you block that then that particular functionality of Outlook will stop working for remote users.  To the best of my knwoledge, rpc is unused.

 

The best way to block access to these would be on the Exchange server.  Configure IIS to place an IP address restriction on the virtual directories to where ever you want to allow access from.

 

 

Note that on Office 365 these ecp is remotely accessible ...

2 REPLIES
Kind of a big deal

Re: Inbound web-site filtering

Because it is encrypted you can not do this on the MX.

 

I think ecp is used for setting "Out of office" messages.  So if you block that then that particular functionality of Outlook will stop working for remote users.  To the best of my knwoledge, rpc is unused.

 

The best way to block access to these would be on the Exchange server.  Configure IIS to place an IP address restriction on the virtual directories to where ever you want to allow access from.

 

 

Note that on Office 365 these ecp is remotely accessible ...

Here to help

Re: Inbound web-site filtering

That's a real shame. I get one story from Exchange folk and one from the meraki installer.

 

Thanks for clarifying