rpc over http not working for me

I have my server 2003 set up so that clients can get access to their mail and contacts from their outlook 2003, but only if I set up outlook while inside our office.  If I get on a machine outside the building, no matter how I set up the options, I cannot get outlook 2003 to connect to the server.  This means new users have to bring their laptops into the office for me to set them up with their email which is not ok with the boss.  

My certificate is the outside IP address used to connect to the server.
If someone inside the office tries the IP address, it points to the internal one so there is no need for split DNS.

When i searched for this question on  this site, the links people provided within the threads never worked so I guess they are outdated.  Please tell me if and what other information is needed to help me and I will get it.  Thanks
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

kankerfistAuthor Commented:
also, once I set them up in the office, they can check email both inside the office and outside the office without haveing to change anything.
Where do I start? You need to get the basics working first.

First - certificate is issued to an IP address? It MUST be on a name, which will require split DNS. Are you using live Internet IP addresses both internally and externally? That is a bad idea - from a security point of view you should be NATing the internal machines behind a firewall.
Second - when you connect to the /rpc sub folder do you get a prompt over the certificate? If so, that will stop RPC/HTTPS from working correctly.

For the best sucess, use a real certificate, not a home grown one. FreeSSL is the cheapest place.
Get it working internally first, using the outlook /rpcdiag tool to ensure that it is connecting over HTTPS and not TCP/IP.
Once you have it working internally then you can think about trying it from outside.

Take a look at my website: http://www.amset.info/exchange/ I have extensive information on setting up RPC over HTTPS, and the section will be overhauled with even more information based on recent implementations. There are so many places where it can go wrong which you need to check.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
I use home grown Certs and it work extreamly well I would agree thought that the cert needs to be a FQDM and you should use split DNS (no worries there bread and butter stuff) and make sure you are not using NTLM athuntication although you could use that before you do you certs
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.