Hello, I struggle to make the default waf rules working for Exchange with my situation. I want to achieve the following: - OWA only accessible behind user authentication with OTP and IPS - Preferable ECP blocked from WAN or as OWA also behind authentication with OTP - Outlook anywhere and activesync for mobile phones accessible and protected with IPS We have all the virtual directories internal en external mapped to mail.company.com and use a wildcard certificate for this. Further we use split dns on our server. I have one external IP which we have a A host record for mail.company.com and autodiscover.company.com pointing to this. I cannot find a good example to get this working with using only a wildcard certificate and a single external IP address. When I use the default rules I get an error that the certificate is already in use and that I cannot have both, do I need to create 1 rule for all the above or is there a better way Anyone that uses a similar situation and got it working? At the moment I'm using a DNAT rule which is not secure at all because of the ECP that open for the whole world.
↧