09-25-2005 08:15 PM - edited 02-21-2020 12:25 AM
We have a VPN 3K Concentrator. The users would like to access Microsoft Outlook client instead of webmail through VPN. Do you have any suggestions on where I would start?
Thanks.
09-30-2005 06:03 AM
For optimal security, the filters on the public interface allow only tunneled and Internet Control Message Protocol (ICMP) traffic by default but follow the link to configure outlook.
10-10-2005 06:36 AM
Thanks for your response, Thomas. This article is to connect through WebVPN. My users would like to connect to Outlook through VPN Client. Do you have any suggestions? Thanks.
10-01-2005 07:43 AM
so remote user is trying to connect to an exchange server over vpn via outlook, right?
assuming the remote vpn doesn't have any filter and the remote user already have access via webmail, then no more configuration should be needed.
10-10-2005 06:39 AM
Thanks Jack. Sorry for not making it clear. My users would like to use Outlook client through VPN client, not through WebVPN. Do you have any suggestions? Thanks.
10-10-2005 04:17 PM
10-11-2005 06:35 AM
Thanks for your prompt response, Jack. I am not able to open the above link. Is it possible for you to e-mail me the PDF file or any other format? Thanks.
10-11-2005 03:52 PM
just wondering what's your email address.
10-11-2005 05:37 PM
Thanks for your prompt response, Jack. My e-mail address is ett9300@yahoo.com. I appreciate you do extra work. Thank you.
10-11-2005 06:31 PM
please check your email account.
10-12-2005 02:57 PM
it's good to learn that you are moving forward with the config. please read below re: creating rules/filters in order to restrict remote vpn access:
1. configure a new rule
go configuration > policy management > traffic management > rules
rule name:
direction: inboound
action: forward
protocol: tcp
source address: network list: vpn client pool
destination address: ip address: email private ip
tcp/udp destination port: 110
in case you need more ports to be allowed, just create another rule by following the same logic. in fact, all parameters should be the same except the last one, which is the destination port number. (pop3/110, imap/143)
2. configure the filter
go configuration > policy management > traffic management > filter
click "add filter"
filter name:
default action: forward
then click "add"
select the rule you've just created and click on "add rules to filter"
add all the rules you created from #1, also the last rule to be added shall be "access_deny (drop/in)".
3. apply filter to the group
go configuration > user management > groups
select the group you created for remote vpn access and click "modify group"
select "general" tab
go to option "filter" and select the filter you created from #2 and click "apply"
also remember to save the config by clicking the "save needed" icon at the top-right corner.
10-12-2005 05:18 PM
Thank you, Jack. This is what I am looking for. I'll let you know how it goes. Thank you very much.
10-19-2005 11:16 AM
Jack,
Sorry for not being able to get back to you sooner. Thanks again for taking the extra steps. I have questions with the configuration. On number #1, line 5, what configuration do I put for the Vpn Client Pool after it is created? Where do I apply this VPN Client Pool? Thanks.
10-19-2005 03:51 PM
please excuse me for not explaining well, in fact, it's not necessary.
under the section "source address > ip address", enter the existing vpn client pool. the pool is created when you configure remote vpn access. to verify, go configuration > system > address management > pools.
10-23-2005 05:34 PM
Thanks very much for your prompt response. Your instructions work without using the "vpn client pool". Thanks very much for taking time to do this for me.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide