Hi All,
We have exchange 2010 SP1 Update 5 setup and working great for our early adopters.
We have a few iMac's that require outlook 2011 for mac to work internally and various articles later have this working using the EWS, which is great and our Mac lovers are happy.
The problem then arose that they could still connect when on external internet on wireless, investigate by myself found this is correct because or external access is provided by a reserve proxy which sends any request to the external ip the our client access array, so all url’s are accessible.
e.g.
https://mail.domain.com/owa
https://mail.domain.com/Microsoft-Server-ActiveSync
https://mail.domain.com/autodiscover
Our policy is to only allow owa and approved active sync devices (don’t want emails sitting on home laptop’s etc with no encryption) so need to block the access by clients using EWS.
Is the best option to utilise a UAG, if this is the case can we setup the UAG to only allow the url path’s we require and activesync/autodiscover will continue to work externally?
Example only allow these path’s.
https://mail.domain.com/owa/*
https://mail.domain.com/Microsoft-Server-ActiveSync/*
https://mail.domain.com/autodiscover/*
Thanks
Rich
Thanks Rich