?
Solved

Trouble getting RPC over HTTPS working. Error 403.1.

Posted on 2005-05-05
10
Medium Priority
?
367 Views
Last Modified: 2008-02-01
Hi,

I am having trouble getting RPC over HTTPS working. I can get it working internally on HTTPS, but it will not work from outside the LAN. The internal domain is different to the external domain name used (only because the external has a .co.uk on the end). I have done everything according to the instructions, but I have come to a sticking point whith the permissions for /rpc. I can access OWA (/exchange) with HTTPS but when accessing /rpc I keep getting Error 401.3, and it will not authenticate me with any of my credentials that work with OWA. It looks to  me like it's a permissions error, but I am just not sure what with, the Rpc and RpcwithCert virtual directory are both set for intergrated and basic only. What can i do?
0
Comment
Question by:gabiosz
  • 6
  • 4
10 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 13933793
Are you sure that it is working internally?

Close Outlook, ensuring that outlook.exe is not running in the event viewer.

Then click Start, Run and type

outlook.exe /rpcdiag

This will start Outlook in the usual way along with an extra diagnostic window. This will show you what is happening, including whether Outlook is connecting over TCP/IP or HTTPS.

Simon.
Exchange MVP.
0
 

Author Comment

by:gabiosz
ID: 13933879
I have used rpcdiag and it defineitely connects over HTTPS internally not TCP/IP, so I assume that's correct. Externally it dosen't get past the authentication and nothing shows in rpcdiag, no connections are made.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 13944699
What is between the Internet and your Exchange server? A firewall of some kind? Could it be interfering with the HTML traffic?

Simon.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:gabiosz
ID: 13945521
Well there is an FVS318 router, but i thought that all that was needed was port 443, OWA works ok through it.
0
 

Author Comment

by:gabiosz
ID: 13945630
I have reinstalled IIS, the rpc component and Exchange, but I am still getting no results.
0
 
LVL 104

Accepted Solution

by:
Sembee earned 1500 total points
ID: 13946859
All the feature requires is port 443 - that is the whole point. However some devices can filter or read the packets which can upset things. Any kind of filtering on this device?

If the feature is working internally over https for both directory and database then it has to be something outside of Exchange causing the problem. I always tell people to get it working inside first before you try it from outside as from outside there are too many variables that could be causing a problem.

Simon.
0
 

Author Comment

by:gabiosz
ID: 13980120
Ok it works perfectly internally over HTTPS for both directory and database. Externally it brings up the logon window but dosen't get any further. I have tried both NTLM and Basic authentication with no luck. It must be a permissions, authenication or a name resolution issue.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 13981368
Is the machine that you are trying to use externally a member of the domain? If not, is it possible to try using a non-domain member inside? This will confirm what is happening with the authentication.

Simon.
0
 

Author Comment

by:gabiosz
ID: 14059701
OK, I have turned on the DMZ setting and pointed it at my server and it seems to work over HTTPS.
Obviously I cannot leave DMZ open, I have a Netgear FVS 318 firewall router, does anyone know how I can configure this router to work safely?
0
 

Author Comment

by:gabiosz
ID: 14069216
Fixed it! It seems that once my PC had connected successfully to the exchange server either with the DMZ or in my case i temporarily establised a VPN to get it connected initially and then once the inital connection had been made and the folders added to my outlook profile, i set it to cashed exchange mode and removed the VPN connection, and it just seems to work now.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question