[mdlug] Here's my idea and rough sketch plan, is it feasible?

Robert Adkins radkins at impelind.com
Wed Oct 3 14:51:16 EDT 2007


Hey All,

	The bosses are interested in scooting us over to cell phones that
allow us to access our email while on the road.

	What I have seen involves using a Microsoft Windows mobile device
and the "Mobile" version of Outlook. As I understand it, this would require
at least one, if not more than one new "hole" in our firewall and to use the
"push" element that is a sales point, might even require an MS Exchange
server. For more than just technical reasons, we won't be switching to an
Exchange server.

	Currently, I already have Squirrelmail running on our email server
for accessing through the "Poor IT Guy's" VPN that I have running.

	Some of these cell phones and devices like the iPod Touch and iPhone
have built-in WiFi that will allow for "Coffee House Surfing" with their
built-in web browsers. I know that some websites disallow connections
referred from other locations, for example to fight the Slashdot effect.

	So, here are my thoughts:

	1. Set up an SSL certificate on our in-house webserver

	2. Put a forwarder for HTTPS traffic in our firewall to the server

	3. Change over our main website to something using a Content
Management System with secure logins set up for the management team.

	4. They browse to our website, log in, go to the secure page which
will have a link to our in-house webserver using SSL, click on that and
since they are referred from a secure location, the in-house server would be
set up to accept their connection and allow them to check their email using
the web-browser email application. Any attempted connection that isn't
referred from the secure web page would be denied by the web server, which
would hopefully put a good block against most hacking attempts.

---

	I also understand that some of these phones may allow the use of an
SSH application, which means they MIGHT also be able to do port forwarding
for other webapps on the phone. If that's the case, then all they'd need to
do is pull up their SSH client, log in and then possibly use the built-in
Mobile Outlook application and read their email or use the web browser to
connect as they currently do, with their laptops, on the road.

	I'd like to know if either idea is feasible. I'd like the first idea
to work nicely, as that means I would have very little work to do if they
decide to switch devices or want to just check email on their nephew's
computer in Botswana and don't have service on their cell phone. (Plus, it
would go along with the whole, "Lazy Thing" we UNIX guys are into: "Do a lot
of work up front so that you do less work over time.")

	Thanks,
	Rob
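
The referrer check from step 4, as an added example that is not part of the original post: it runs the check over constructed requests, next to a link token the in-house server can verify itself. The host name, key, token format and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Constructed placeholders, not values from the post.
SECURE_PAGE = "https://www.example.com/secure/"
SHARED_KEY = b"constructed-demo-key"  # known to the CMS and the in-house server

def referer_gate(headers):
    """Step 4 as described: admit only requests referred from the secure page."""
    ref, want = urlsplit(headers.get("Referer", "")), urlsplit(SECURE_PAGE)
    return ((ref.scheme, ref.hostname) == (want.scheme, want.hostname)
            and ref.path.startswith(want.path))

def issue_link_token(user, expires):
    """Assumed alternative: the CMS signs the webmail link after a login."""
    sig = hmac.new(SHARED_KEY, f"{user}|{expires}".encode(), hashlib.sha256)
    return f"{user}|{expires}|{sig.hexdigest()}"

def token_gate(token, now):
    """Admit only an unexpired token whose signature the server can verify."""
    try:
        user, expires, sig = token.split("|")
        still_valid = now < int(expires)
    except ValueError:
        return False
    good = issue_link_token(user, expires).rsplit("|", 1)[1]
    return still_valid and hmac.compare_digest(sig.encode(), good.encode())

# Constructed requests the in-house server could receive. Referer is a
# request header written by the client, so the server only sees a claim.
REQUESTS = {
    "clicked the link on the secure page": {"Referer": SECURE_PAGE + "links"},
    "bookmark, or a proxy that strips Referer": {},
    "client that fills in the header, no login": {"Referer": SECURE_PAGE},
}

def referer_results():
    return {name: referer_gate(h) for name, h in REQUESTS.items()}

if __name__ == "__main__":
    for name, admitted in referer_results().items():
        print(f"referer_gate {admitted!s:5}  {name}")
    token = issue_link_token("rob", expires=2000)
    print("token_gate", token_gate(token, now=1000), token_gate(token, now=3000))
```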

	



