1

I have an SBS2011 server, I need to allow ActiveSync (by forwarding 443 from the firewall to the server) but disable OWA and SharePoint when being accessed remotely (disable for any connections to these sites from IP's other than the local subnet).

I think this might be possible in IIS but would like recommendations on how to do this properly.

Can someone please advise the best way to do this.

Thanks.

morleyc
  • 1,150
  • 13
  • 47
  • 89

1 Answers1

1

I was able to resolve this by IPv4 restrictions in IIS 7.

I set the default policy to DENY and set an allow range for the local subnet.

Now when i log on from outside of the network i get an access denied page.

The above restrictions were only applied to the remote, mycompany and owa sites.

The rpc, active-sync and other sites have been left as-is.

morleyc
  • 1,150
  • 13
  • 47
  • 89
  • Clever, when I first read your question my only thinking was that a reverse proxy or the webserver itself would have to do this. Or an L7 firewall like a Palo Alto – SpacemanSpiff Aug 01 '12 at 14:39