Solved

What ports need to be open at the remote site to access OWA?

Posted on 2004-04-21
8
360 Views
Last Modified: 2008-02-26
I know that port 80 needs to be open on my local firewall, but what ports need to be open on a remote site firewall for someone to be able to access OWA from there?

I was always under the impression that as long as the remote site had web access (and of course my firewall allowed it), then anyone at that remote site should be able to access OWA remotely.
0
Comment
Question by:piersk
  • 4
  • 3
8 Comments
 
LVL 6

Expert Comment

by:bwinzenz
ID: 10879763
You are correct.  As long as the remote site can access the Internet (all http traffic uses port 80), then as long as your firewall has port 80 inbound open to the OWA server, they should be able to access it.  There really isn't much more to it than that.  If you think about it, OWA is just another website.

If you want to secure OWA, you would want to use SSL (https) and obtain a certificate from an online certificate authority (such as Thawte).

Ben
0
 
LVL 1

Author Comment

by:piersk
ID: 10879803
Apparently (having spoken to the support team at the remote location) there are other ports that need to be opened.

I probably should have explained myself a bit better. My colleague can access the site. He can log in and gets the icons on the left and the top, but nothing in the central, main part of the screen. I need to know the ports that need to be unblocked for this to work.
0
 
LVL 6

Expert Comment

by:bwinzenz
ID: 10880444
After looking at this again, it appears that the remote client will use a high port locally (1024+) and it connects to port 80 of the OWA server.  However, the outbound connection on the client should occur over port 80.  The local port that the client uses should not matter one bit.

Have you tested logging on to OWA locally on your LAN?  Does that produce different results?  Have you installed URLScan or the IIS Lockdown Tool on the OWA server?  Both of those are known to cause problems with OWA unless they have been specifically tuned for Exchange/OWA.

Ben
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 1

Author Comment

by:piersk
ID: 10880480
I havent installed URLScan or IIS Lockdown.

My colleague can access OWA when on dial up from the same workstation, just not when he is on the network (please bear in mind that he is doing some consultancy for another company and is at their offices), so I am trying to fix his for THEIR network guys. I know for a fact that its something to do with their firewall, but they have no idea what port needs to be unblocked, so I am doing the work for them...

I'm not bitter ;-)
0
 
LVL 6

Expert Comment

by:bwinzenz
ID: 10880549
Tell ya what.  I'm gonna set up my laptop in our DMZ (to simulate being on the Internet coming in), and I'll run a packet sniffer showing me all traffic from my laptop to my OWA server.  I'll post back the results in a few.  I honestly don't think it is a port issue.  It could be something *else* causing the problem, but it shouldn't be a port issue.

Ben
0
 
LVL 6

Accepted Solution

by:
bwinzenz earned 250 total points
ID: 10880764
OK - I just tested this.  Every single packet that was sent from my laptop to my OWA server was sent out on either port 80 or 443 (I have SSL set up).  There were no other ports involved.

I'd suggest that you test this as well.  The tool that I use is called NetworkActivSniffer.  It was a free download.  Do a Google search for it and I'm sure that you will find it.  I agree with you here that something is funky with their end of things, but it is not the ports.  Do they perhaps have some other type of device between your colleague's computer and the Internet?  Have him run a tracert to your OWA server and find all the hops that are on their network.  Make sure there isn't some sort of QoS device that could be blocking the content (Packetshaper, Sitara, etc.).  Is there a Proxy server on their end?

Ben
0
 
LVL 1

Author Comment

by:piersk
ID: 11105836
Not abandoned, just forgotten (sorry).

Spoke to the IT people their end (having seen bwinzenz's answer) and they have their network set up so that it would allow use of OWA 2k3, but I don't think they really had much of a clue since they didn't know how to change it to allow access for OWA2000. Such is life
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now