Microsoft KB Archive/831050

= Description of the configuration options for the Exchange over the Internet feature in Outlook 2007 and in Outlook 2003 =

Article ID: 831050

Article Last Modified on 1/31/2007

-

APPLIES TO


 * Microsoft Office Outlook 2003
 * Microsoft Office Outlook 2007

-



SUMMARY
In Microsoft Office Outlook 2007 and in Microsoft Office Outlook 2003, you can use the Exchange over the Internet feature with Remote Procedure Calls (RPC) using HTTP packets to connect to Microsoft Exchange Server 2003 over the Internet without having to use virtual private network (VPN) connections. The Exchange over the Internet feature permits Outlook users to access their Microsoft Exchange Server accounts from the Internet when they are traveling or are working outside their organization's firewall.



MORE INFORMATION
There following list includes the requirements for the Exchange over the Internet feature:  Microsoft Windows XP with Service Pack 1 and the hotfix (or later) that is available in the following Microsoft Knowledge Base article:

331320 Outlook 2003 Performs Slowly or Stops Responding When Connected to Exchange Server 2003 Through HTTP

 Outlook 2003. Exchange Server 2003 e-mail accounts. Microsoft Windows Server 2003 (required for server components only).

Note It is highly recommended that you use the Exchange over the Internet feature with Outlook 2003 user profiles that are configured in Cached Exchange Mode.

About the Exchange over the Internet Feature
In a local area network (LAN), Outlook 2003 communicates with Exchange servers by using direct network TCP/IP access, also known as RPC over TCP/IP. This method provides both quick and efficient access to a corporate network.

However, remote users who access Microsoft Exchange require a VPN connection that permits them to bypass the corporate firewall and to access the corporate network. A VPN connection permits access to more network services than those that are required for just e-mail access.

Outlook 2007 and Outlook 2003 now offer an alternative to VPN connections, the Exchange over the Internet feature. With the Exchange over the Internet feature, users can access their Exchange Server accounts from the Internet when they are working outside their organization's firewall. Users do not require any special connections or hardware, such as smart cards and security tokens, and they can still access their Exchange accounts even if the Exchange server and the client computer behind the firewall are on different networks.

The Exchange over the Internet feature works by having an Exchange Server front-end computer that is configured as an RPC proxy server. This RPC proxy server specifies the ports that are used to communicate with the network's domain controller, the global catalog (GC) servers, and all the Exchange servers that the client user requires. Before you can use the Exchange over the Internet feature, the Exchange group in your organization must first deploy the Exchange over the Internet feature for the Exchange servers that you use.

Understanding the Configuration Settings for the Exchange over the Internet Feature
Before you configure the Exchange over the Internet feature for Outlook 2003, you have to have the Uniform Resource Locator URL) for the Exchange proxy server that is configured for the Exchange over the Internet feature. This URL is available from your organization's Exchange administrator.

There are additional settings for the Exchange over the Internet feature in the Custom Installation Wizard (CIW). However, Outlook uses the default values for the options that are available in the CIW that are more likely to provide a good experience for your users and to help provide authenticated connections to your network. Microsoft recommends that you do not change the default options when you configure these settings in the CIW. However, if it is required, you can change these settings to fit the special circumstances in your organization.

Note Outlook 2007 uses the OCT (Office customization tool) instead of the CIW.

Overriding the Default Connection Type Choice Behavior
By default, Outlook tries to connect by using the LAN connection first for a fast network. If you are using a slow network, Outlook tries to connect by using HTTP first. You can override these two default behavior following these steps.

Outlook 2003

 * 1) On the Tools menu, click E-mail Accounts.
 * 2) Click Next.
 * 3) Select the Exchange account that you want to override the default settings for, and then click Change.
 * 4) Click More Settings, and then click the Connection tab.
 * 5) Click Exchange Proxy Settings.
 * 6) Click to select one of the following check boxes:
 * 7) * On a fast network, connect using HTTP first, and then by using the TCP/IP
 * 8) * On a slow network, connect using HTTP first, and then by using the TCP/IP
 * 9) Click OK, click Apply, and then click OK.
 * 10) Click Next, and then click Finish.

Outlook 2007

 * 1) On the Tools menu, click Account Settings.
 * 2) On the E-mail tab, click the Exchange account for which you want to override the default settings, and then click Change.
 * 3) Click More Settings, and then click the Connection tab.
 * 4) Click Exchange Proxy Settings.
 * 5) Click to select one of the following check boxes:
 * 6) * On a fast network, connect using HTTP first, and then by using the TCP/IP
 * 7) * On a slow network, connect using HTTP first, and then by using the TCP/IP
 * 8) Click OK, click Apply, and then click OK.
 * 9) Click Next, and then click Close.

Specifying Authentication and Connection Methods
The default authentication method in the Exchange over Internet feature is through Password Authentication (NTLM). If you use Basic Password Authentication, users will be prompted for a password each time that a connection is made to the Exchange server. It is best to always use SSL while using password authentication. For additional recommendations about how to protect Exchange over the Internet connections, visit the MSDN Web site for the topic:

http://msdn2.microsoft.com/en-us/library/aa375384.aspx

