• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 908
  • Last Modified:

OWA not reachable from outside on the Internet

I have setup my OWA server on the inside with a FE and BE.  However from the outside I have a Public IP address and when I go to that nothing comes up.  I have in my checkpoint FW nated the public IP address to the FE server internal NIC.  That way when someone goes to the Public IP address for OWA they will be routed to the internal NIC.  

Just to let you know that I have the necessary ports turned on, I'm allowing port 25 from the outside fW and my FE is in the DMZ.  From the DMZ to my internal network where my BE server is I'm allowing ports 25, 80, 52, 3268, POP3, 389, and a host of others.  So I dont know why I cant get to my OWA from the outside.  Also I tried to type http:// server IP address  and still nothing.

Please help...

thanks
0
spurlockb
Asked:
spurlockb
  • 4
  • 2
1 Solution
 
getzieCommented:
Just checking, you are allowing port 80 from Outside to the DMZ right?  Also, I would recommend SSL for OWA (port 443).  Does OWA work from the internal LAN?
0
 
spurlockbAuthor Commented:
Yes OWA does work from the internal lan.  AS for port 80 from outside to the dmz, the test that I ran tonight was telneting on port 25 to the public ip address and i could get in.  But then again thats how mail comes in thru port 25.  So then I tried telneting to port 80 and was not able to get from the interent to the public ip address.  But then again i'm not sure if you are suppose to be able to get to port 80 of an FE from the internet.  So to answer the question I was not able to telnet to port 80 from the internet to the public IP address.
0
 
scampgbCommented:
Hi spurlockb,

Getzie is right about the ports that need opening.  
Port 25 is SMTP - that's used for transferring emails between email systems.  For OWA you will need ports TCP/80 (HTTP) and TCP/443 (HTTPS) to be port forwarded to your FE server.

Make sure that you IIS configuration allows connections from all IP addresses.  Do this in IIS Manager, Exchange virtual server, properties, Directory security, IP address...

There's a very handy tutorial on this at http://www.msexchange.org/tutorials/OWA_Exchange_Server_2003.html

I suggest that you check the above, and if it doesn't work, please let us know exactly what happens when you try to access the page.
0
Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

 
spurlockbAuthor Commented:
Should I be able to telnet to port 80 just like i was to port 25?
0
 
spurlockbAuthor Commented:
What are some test that I can do on the inside of my network to confirm that OWA is working?  Meaning what can I do to make sure that exchange FE is accepting http and smtp?  Because then I can atleast say that my internal stuff is working and then I could start looking at the firewall.

Thanks
0
 
scampgbCommented:
spurlockb:
> Should I be able to telnet to port 80 just like i was to port 25?
Yes, but you need to tell it do do something:

telnet <servername> 80
GET /


(couple of returns at the end)  You should get a load of HTML, and hopefully not an error message :-)

As for internal tests - you said that you were able to access OWA internally, and that you've telnetted to port 25 from the external address.   They're the most conclusive tests in this case.

I think it's either a firewall/router problem or an issue with your IIS config.  Can you check these?
0
 
spurlockbAuthor Commented:
I will check with the firewall and router, besides that what can  I do on IIS to make sure that its not something I setup wrong.  Dont get me wrong I'm not trying to rule out the FW and router I just want to make sure 99.9 % thats its something that I didnt do.

Thanks
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now