• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 339
  • Last Modified:

Exchange server 2003 running RPC over HTTPS with Netgear FVS318.

I have exchange server 2003 running RPC over HTTPS which works internally, however it will not work from the outside, I have a Netgear FVS318 running firmware 2.4, for some reason my rpc over https will not work at all, I can only assume that it is related to the firewall somehow. Ports 80 and 443 are open and pointing to th exchange server and OWA works from outside. I am really stuck and have spent days on this.
0
gabiosz
Asked:
gabiosz
  • 4
  • 3
  • 2
  • +1
1 Solution
 
gabioszAuthor Commented:
Incidentally i get the following error whne testing the rpc in a web browser, i'm not sure if it is the correct error:

HTTP Error 401.3 - Unauthorized: Access is denied due to an ACL set on the requested resource.
Internet Information Services (IIS)
0
 
Variable3742Commented:
HTTP Error 403.2 - Forbidden: Read access is denied.
Internet Information Services (IIS)
 Is the correct error to see when testing RPC over HTTP.  I would make sure that you have the permissions set correctly.

Good Luck

0
 
Variable3742Commented:
Sounds like someone has changed the authentication in IIS from Anonymous to Basic. When you type your username, do you include the domain name
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
SembeeCommented:
Are you sure that it is working internally?
Outlook falls over to TPC/IP connections if HTTPS works, and this would work internally.

Close Outlook totally and then click start, run and type

outlook.exe /rpcdiag

This will start Outlook as normal, but also include an additional box which shows how Outlook is connecting.

Finally, check the authentication on the /rpc virtual directory. It should be integrated and basic only.

Simon.
0
 
gabioszAuthor Commented:
I was able to use HTTPS as displayed in rpcdiag from a pc on the internal LAN.

Authentication is basic and intergrated only, however the /rpc keeps throwing up errors externally it's 401.3 and internally it's 401.1 no matter what credetials i enter (ie. administrator, etc.). Any pointers?
0
 
SembeeCommented:
Those are straight authentication failed errors.
Does regular OWA work correctly?

Simon.
0
 
gabioszAuthor Commented:
Yes, OWA works both internally (LAN) and externally (Remotely) with SSL, so the certificates and router and everything must work ok, it is just the RPC side of things which don't seem to work externally.

No matter what cerdentials i enter the https://(myserver)/rpc will not authenticate and gives me error 401.3 externally and 401.1 internally. I have checked the
permissions for the rpc and rpcwithcert in the IIS control panel and basic and intergrated windows are enabled and nothing else is. Am I missing something?
0
 
BILJAXCommented:
make sure you have port 443 and 8443 forwarded on your router/firewall.
0
 
BILJAXCommented:
oh, you also need to have the "public" ip in the list under "Default Web Site" under IIS on the exchange server.



AC
0
 
SembeeCommented:
BILJAX - 8443? For RPC over HTTPS you ONLY need 443. No other port required.
And the public IP address shouldn't be listed under default web site in IIS unless you have multiple network cards and the second NIC is directly connected to the Internet (bad idea). If you are NATing the port and IP address then you cannot list the external IP on the Exchange server itself.

This appears to be a straight authentication issue. An error message of some kind is expected when you use RPC - but authentication failed.

Are you entering your credentials in username/password or domain\username and password?

Have you made any changes to the IIS configuration since you installed it?

Simon.
0
 
gabioszAuthor Commented:
I haven't made any changes to IIS and I have tried logging in useing domain\username and just the username as I can with OWA, no joy.

I don't know where to start with the permissions errors, any pointers?
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now