Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


OWA not reachable from outside on the Internet

Posted on 2004-10-27
Medium Priority
Last Modified: 2008-02-01
I have setup my OWA server on the inside with a FE and BE.  However from the outside I have a Public IP address and when I go to that nothing comes up.  I have in my checkpoint FW nated the public IP address to the FE server internal NIC.  That way when someone goes to the Public IP address for OWA they will be routed to the internal NIC.  

Just to let you know that I have the necessary ports turned on, I'm allowing port 25 from the outside fW and my FE is in the DMZ.  From the DMZ to my internal network where my BE server is I'm allowing ports 25, 80, 52, 3268, POP3, 389, and a host of others.  So I dont know why I cant get to my OWA from the outside.  Also I tried to type http:// server IP address  and still nothing.

Please help...

Question by:spurlockb
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2

Accepted Solution

getzie earned 750 total points
ID: 12429416
Just checking, you are allowing port 80 from Outside to the DMZ right?  Also, I would recommend SSL for OWA (port 443).  Does OWA work from the internal LAN?

Author Comment

ID: 12430303
Yes OWA does work from the internal lan.  AS for port 80 from outside to the dmz, the test that I ran tonight was telneting on port 25 to the public ip address and i could get in.  But then again thats how mail comes in thru port 25.  So then I tried telneting to port 80 and was not able to get from the interent to the public ip address.  But then again i'm not sure if you are suppose to be able to get to port 80 of an FE from the internet.  So to answer the question I was not able to telnet to port 80 from the internet to the public IP address.
LVL 15

Expert Comment

ID: 12431153
Hi spurlockb,

Getzie is right about the ports that need opening.  
Port 25 is SMTP - that's used for transferring emails between email systems.  For OWA you will need ports TCP/80 (HTTP) and TCP/443 (HTTPS) to be port forwarded to your FE server.

Make sure that you IIS configuration allows connections from all IP addresses.  Do this in IIS Manager, Exchange virtual server, properties, Directory security, IP address...

There's a very handy tutorial on this at http://www.msexchange.org/tutorials/OWA_Exchange_Server_2003.html

I suggest that you check the above, and if it doesn't work, please let us know exactly what happens when you try to access the page.
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 12432597
Should I be able to telnet to port 80 just like i was to port 25?

Author Comment

ID: 12436257
What are some test that I can do on the inside of my network to confirm that OWA is working?  Meaning what can I do to make sure that exchange FE is accepting http and smtp?  Because then I can atleast say that my internal stuff is working and then I could start looking at the firewall.

LVL 15

Expert Comment

ID: 12436371
> Should I be able to telnet to port 80 just like i was to port 25?
Yes, but you need to tell it do do something:

telnet <servername> 80

(couple of returns at the end)  You should get a load of HTML, and hopefully not an error message :-)

As for internal tests - you said that you were able to access OWA internally, and that you've telnetted to port 25 from the external address.   They're the most conclusive tests in this case.

I think it's either a firewall/router problem or an issue with your IIS config.  Can you check these?

Author Comment

ID: 12443196
I will check with the firewall and router, besides that what can  I do on IIS to make sure that its not something I setup wrong.  Dont get me wrong I'm not trying to rule out the FW and router I just want to make sure 99.9 % thats its something that I didnt do.


Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
This video discusses moving either the default database or any database to a new volume.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question