
Configure authentication between IronPort vESA and MS Exchange 2010

B. BELHADJ
Level 4

Hi,

I recently configured my vESA as a relay for outgoing mail from my internal Exchange 2010 server. When I put "none" for authentication in the "Configure Smart Host Authentication settings" window of my Exchange 2010 Management Console, all is good: I can send mails and I can see them in my vESA.

For security purposes, I would like to secure communications between the vESA and MS Exchange 2010 with authentication. What type of configuration do you recommend? And how can I do it?

Best regards.

4 Replies

Philip D'Ath
VIP Alumni

Don't do that unless you like pain.

If you really want to secure it use TLS, but you will need to put a valid certificate on both the Exchange server and the vESA appliance.

Thank you p.dath for your reply,

If I would like to secure it with TLS, how can I configure this?

Do I have to generate a certificate from a CA (for example AD) and install the certificate on the vESA and the mail server?

If yes, where do I configure TLS (on both sides)?

Best regards.

Is your internal AD domain a "public" domain, or a private one (ending in ".local", for example)?

Typically I get a wildcard certificate for the external public domain. I then load this into ESA and the Exchange server (and use it for the WebMail/ActiveSync on Exchange, etc). Then you have one certificate used for securing everything. Makes it much easier when you roll the certificates as well - write down the procedure as you do it so when you roll the certificates you don't have to learn how to do it again.

Thank you so much p.dath for your reply.

Best regards.
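
The public-versus-private domain question in the reply above matters because a wildcard certificate only covers names exactly one label below its domain. The following is an added example, not part of the original thread: it applies simplified RFC 6125 wildcard matching to check which SMTP hostnames a certificate's SAN list covers. All hostnames and SAN entries are constructed placeholders.

```python
"""Added example: which SMTP hostnames a wildcard certificate actually covers."""


def _labels(name):
    # Normalise case and a trailing dot, then split into DNS labels.
    return name.rstrip(".").lower().split(".")


def san_matches(pattern, hostname):
    """Simplified RFC 6125 match: '*' is honoured only as the entire
    left-most label and stands for exactly one label."""
    p, h = _labels(pattern), _labels(hostname)
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        # Require at least two fixed labels after the wildcard (no '*.com').
        return len(p) >= 3 and p[1:] == h[1:]
    # Partial wildcards such as 'a*.example.com' are rejected here.
    return "*" not in pattern and p == h


def coverage(san_list, hostnames):
    """Map each hostname to the first SAN entry that covers it, or None."""
    return {
        host: next((s for s in san_list if san_matches(s, host)), None)
        for host in hostnames
    }


# Constructed sample data (placeholders, not values from the thread).
CERT_SANS = ["*.example.com", "example.com"]
SMTP_NAMES = [
    "esa.example.com",      # vESA listener addressed by a public-domain name
    "mail.example.com",     # Exchange addressed by a public-domain name
    "exch01.corp.local",    # Exchange addressed by a private AD name
    "esa.dmz.example.com",  # two labels below the wildcard
]

if __name__ == "__main__":
    for host, san in coverage(CERT_SANS, SMTP_NAMES).items():
        status = f"covered by {san}" if san else "NOT covered"
        print(f"{host:24} {status}")
```

If the smart host entry on Exchange or the delivery destination on the vESA uses a name reported as not covered, a peer that validates the certificate name will reject the TLS session even though the certificate itself is valid.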