OWA - Displaying error message 'Unknown' - 400 Points

Hello all :)

Have just noticed that OWA is not working.
Exchannge 2003 running on Win2003 with all latest updates and service packs.

In OWA, create an e-mail and click on To: to select a user from the contact list. Highlighting the name and clicking on To: to add it to the To: field does not work and IE displays an error message saying only 'Unknown'.

If you manually type in an e-mail address and click Send it will also display 'Unknown'. However, if you reply and send then it works OK.

Not sure why this is happening? Has been fine for months. Nothing in the Event Log either.

Can anyone help?
Thanks!
BoyderamaAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SembeeCommented:
All machines?
One machine?

Simon.
BoyderamaAuthor Commented:
Hello Simon,

Noticed the problem from home. Thought it could be an IE issue with my home PC but same problem at work either by accessing it via external address or local IP.

It seems to be global and nothing has changed on the server itself but it does automatically update from WSUS so perhaps an update screwed something up?

I can send you a screen dump if that would help?

Thanks!
Boyd
SembeeCommented:
Check the authentication settings on the virtual directories in IIS Manager:

/exchange: Integrated and Basic ONLY.
/exchweb: Anonymous ONLY.
/exadmin: Integrated ONLY.
/public: Integrated and Basic ONLY.

Or you could simply reset everything...

http://support.microsoft.com/default.aspx?kbid=883380

Simon.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

BoyderamaAuthor Commented:
/exchange and /public never had Integrated selected so I did set them.

However, hasn't worked. BUT did find something out.

When I tried accessing the server locally earlier on I did it wrong. I browsed to 192.168.1.15 BUT clicked on a hyperlink within my customised paged which put it back to the external address. Doh! So this time I browsed directly to 192.168.1.15/exchange and the problem does not exist!

Therefore it must be a problem with the firewall or our new ISP? We've recently changed ISP's and installed a new SonicWall firewall. Although all ports are correct perhaps something is set incorrectly?
SembeeCommented:
If it works inside but not outside then you have to look at the firewall.
Having the external address resolve internally is easily achieved using split DNS.

What ports have you got open on the firewall from the Internet?

Simon.
BoyderamaAuthor Commented:
Okie.

We have a Netgear Router which plugs directly into the SonicWall TZ170 firewall.
We previously had a NetScreen firewall and that caused no problems with OWA.

I used the SonicWall's wizard to setup the following ports:

25
80 - HTTP
143
110
443 - HTTPS
995

These map directly to 192.168.1.15.

I have a managed DNS solution provided by easyDNS. So, mail.domain.com goes to our firewall IP. I didn't bother giving our mail server it's own IP as I didn't see the point. The firewall can simply forward the request dependent on the port number.

The above setup works. I can (should POP3 be switched on) POP3 into the server and also gain access to OWA. I've customised the main page so you need to click on a link to bring up the logon screen of OWA.

This setup has always worked but obviously in changing the firewall / router and ISP has caused these error messages to appear. I've played around some more and pretty much most buttons you click on produce this 'Unknown' error message.

As I'm able to access OWA and login, it shows the firewall is configured correctly. SO, I wonder if it's to do with the fact our IP's have changed due to moving ISP's? Perhaps when clicking on a button it's trying to access the old IP address?

Not sure what split DNS is btw? For now, should I want to access OWA internally I'll simply use https://192.168.1.15/exchange

Info: We use SSL so http access doesn't work. It must be https. Again, this has been setup for sometime without issue.

Thank you very much Simon! :)
SembeeCommented:
Split DNS is where the name resolves internally and externally to different IP addresses.

So inside mail.domain.com would resolve to 192.168.1.15 and outside it would resolve to 51.52.53.54 (or whatever).
http://www.amset.info/netadmin/split-dns.asp

Means that you can use the same name internally and externally.

Does the firewall have any http scanning features? Those can cause problems.

Simon.
BoyderamaAuthor Commented:
Interesting! Will check that out once everything is working again.

The firewall does have various anti-virus / anti-spyware / intrusion prevention etc. These are all switched off though.

Have an idea. I'll bypass the firewall by placing the router directly into the switch and give the mail server a public IP address.
If the problem still exists then we know it's not the firewall. Does that sound like a good idea?

Let's say the firewall is not at fault. Could it be due to us changing IP addresses? Could our internal DNS servers be caching old records at all?
Trying to think of everything.

The SSL certificate was produced internally by installing the Windows Certificate Authority. Could this certificate be registered to the old IP address or old ISP connection at all? Doubt it myself but worth mentioning.

Thanks Simon!
SembeeCommented:
The certificate will not be trusted by the browser natively, so will throw back a security error on a clean machine.
SSL certificates are tied to the name, not the IP address.
Inbound traffic will not be affected by any DNS caching, so I doubt if that is the problem.
Otherwise go through the network and internet configuration and ensure that any external IP addresses are correct - check external DNS servers, gateways etc.

Simon.
BoyderamaAuthor Commented:
I'll have to get a proper SSL certificate then. Just don't want to spend hundreds of pounds for one. Most of the big players are expensive.

Will double check all the network configurations but believe these all to be fine.

I'm hoping bypassing the firewall will solve the problem. At least I'll know where the problem lies.
SembeeCommented:
I use RapidSSL for my deployments. $70 a year.
If you have handhelds then you have to install the root certificate on to their devices, but that isn't too much hassle.

Simon.
BoyderamaAuthor Commented:
Great! Will get one of their FreeSSL's to try. Thanks!
BoyderamaAuthor Commented:
Simon,

Interesting! Did all the above and nothing worked.

Went to update.microsoft.com and installed around 8 high priority and 4 optional updates.
Problem gone! Strange!?

What is more strange is that on the 3 computers I'd tried including my home PC this problem existed.
With all updates installed these computers no longer suffer from the 'unknown' error message.

However, have tried another 4 computers in the office which do not have all the current updates and the problem is not there. Hmmmm.

The only major thing that differs between these computers is a piece of software called 'Internet Download Manager'. Perhaps this was to blame? Perhaps the MS updates cured a problem between it and IE?

Anyhow, the problem was not with the Exchange Server nor our ISP or firewall but with the workstations. It just would happen that the problem existed on more than 2 PC's.

Points still awarded to Simon for his assistance! Thanks.
SembeeCommented:
There was an update released yesterday for Exchange.
I haven't tested it yet, it might have been in the list.

http://www.microsoft.com/downloads/details.aspx?familyid=5bc06e8a-08eb-4976-bc68-a03ebe3a2552&displaylang=en

Simon.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.