Meraki

Community

Using Exchange 2010 through to MX devices on different networks

Solved
MISatCOS
Conversationalist
‎Sep 21 2018 4:37 PM
‎Sep 21 2018 4:37 PM

Using Exchange 2010 through to MX devices on different networks

I need some advice/help. I am running two networks. Both networks use a Meraki Gateway (an MX84 and MX64). I would like the users on one network to be able to use Outlook connected to the exchange server on the other network as if it was on the same lan. However, I don't want the users on either network to be able to communicate with each other beyond that. These devices are physically connected together, but I'm having trouble getting the traffic to go through the firewall rules. Am I even going about this the right way?

 

Some other options I've pondered were a site-to-site VPN, or an Edge Server.

 

Thank you for any responses!

0 Kudos
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 21 2018 8:19 PM
‎Sep 21 2018 8:19 PM

Personally, I would get rid of the on-premise Exchange server and go to Office 365 - especially because Exchange 2010 is only just supported still.  Leave it any longer and if you need to upgrade you will have to go through a painful (and more expensive) multi-stage upgrade.

 

Second choice would be to use RPC over HTTPs, and have the clients connect using that mechanism.  Then you just need to NAT port 443 (aka https) through to each Exchange server,

 

My last choice would be to build a site to site VPN, and use VPN firewall rules to limit what users can talk to.

View solution in original post

2 Replies 2
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 21 2018 8:19 PM
‎Sep 21 2018 8:19 PM

Personally, I would get rid of the on-premise Exchange server and go to Office 365 - especially because Exchange 2010 is only just supported still.  Leave it any longer and if you need to upgrade you will have to go through a painful (and more expensive) multi-stage upgrade.

 

Second choice would be to use RPC over HTTPs, and have the clients connect using that mechanism.  Then you just need to NAT port 443 (aka https) through to each Exchange server,

 

My last choice would be to build a site to site VPN, and use VPN firewall rules to limit what users can talk to.

In response to PhilipDAth
MISatCOS
Conversationalist
‎Sep 22 2018 11:00 AM
‎Sep 22 2018 11:00 AM

Thank you for the advise!

We are definitely considering Exchange Online after this week's events (don't ask). I can't believe I didn't think about RPC over HTTPS! That's  a great idea.

 

I appreciate the help.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.