RE: block owa on Back-end server?

Hi,

I have tried this and got problem with the error message "The page cannot be
found"...when i tried to log onto the owa. I use IIS6.0 ,on the DWS:

IP address: All Unssigned
TCP Port: 80
Host Header Value: <front-end server's IP>

I don't know how to fix this problem and could you give me any idea?
Thanks.

Mike_help

"Kevyn Pietsch[MSFT]" wrote:

> You could do this by limiting what identities the Default Web Site(or
> whatever web site OWA is under), on the back-end server, will answer for.
> When a user types in http://<server name or IP>/<whatever>, the client's
> HTTP traffic will be sent to the appropriate server. IIS will pick up the
> request, and determine which web site will answer the request. In a
> default Windows/Exchange installation, this will be the Default Web
> Site(DWS). Each web site must have one or more unique identities, which
> determine what requests a web site will answer for. For HTTP requests, a
> web site's identity is composed of three things: 1) The IP address, or
> addresses(IP is set to "All Unassigned", a TCP port number, and a host
> header name(i.e. server name or IP; the first part of the URL above that
> the user typed in). By default, the DWS will have the following identity:
>
> IP: All Unassigned (listens on all of the machine's IP addresses)
> TCP Port: 80
> Host Header Name:
>
> This means that the DWS will answer any HTTP request that comes to it over
> port 80. If no web sites on the server(note: The DWS is the last web site
> the request will hit, if no other web sites answer for it) answer for a
> request(i.e. identity determines this), then the server will responde with
> an HTTP 404 error(i.e. I can't find what your looking for).
>
> When a user types in http://<front-end server name or IP>/exchange, IIS on
> the front-end server will get the request and attempt to find a web site
> that will answer this request. On a default Exchange/Windows installtion,
> the DWS will answer for this because of the identity that it has(see
> above). After the front-end server has done what it needs to, it will
> proxy the reqeust to the appropriate back-end server. When it proxy's the
> request, the URL that the user typed in to access the front-end server will
> be sent as is to the back-end server. So, on the back-end server, there
> must be a web site that will answer for the same identity that the
> front-end server did(IP, TCP Port=80, Host Header Name = front-end server
> name or IP>.
>
> If you only want users to be able to get into OWA through the front-end
> server, you can set up the proper web site on the back-end server with
> identities that are what the user would type in to get to the front-end
> server.
>
> Ex:
> A user will only type in http://<front-end server's IP>/exchange, to access
> OWA. You do not want this person to be able to get into OWA by going to
> the back-end server. On the back-end server, you only have the DWS with
> the OWA directories under it. You can alter the DWS's identity from it's
> default to the following:
>
> IP: All Unassigned
> TCP Port: 80
> Host Header Name: <front-end server's IP>
>
> You can add additional identities for any additional host header names that
> users would type in to access the front-end server. If you do this, users
> will not be able to access OWA directly against the back-end mailbox server.
>
> An identity for a web site can be added or altered by doing the following:
>
> 1. Open the IIS console(the exact name of the application depends on the
> version of Windows being used).
> 2. Go to the properties of the appropriate web site.
> 3. Click on the Advanced button next to the IP Address field on the Web
> Site tab.
> 4. Set up the appropriate identity, or identities.
>
> Note: Make sure that the web site, on the back-end server, does not have an
> identity with TCP Port = 80 and a blank Host Header Value field(I've been
> referring to it as Host Header Name).
>
> ===================================
> From: Kevyn Pietsch[MSFT]
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
> Use of included script samples are subject to the terms specified at:
>
> http://www.microsoft.com/info/cpyright.htm
>
> ===================================
>
>
.