OWA HTTP/1.1 503 Service Unavailable intermittent error W2K Ex2K front/back-end config

After entering login info into OWA through IE6 browser, user receives the error: HTTP/1.1 503 Service Unavailable. I have Exchange 2K running on W2K servers in a front/back-end configuration. This error message occurs intermittently with no event log reference. Reboot of the front-end Exchange server resolves it for a while and users can access their mailbox through OWA. Then for no obvious reason, it happens again. The front-end server is in a DMZ, no configurations changes have been recently made to the firewall. This problem has been occurring for months and appears to be growing more frequent!
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

When it happens - does it occur for all users?
The most common fix for OWA problems is to flush out the temporary internet files on the client and then reconnect.

I will not pass comment on the Exchange in a DMZ... other than to post this link to my blog: http://www.sembee.co.uk/archive/2006/02/23/3.aspx

ncsc2006Author Commented:
Hi yes, when it happens, it happens for all users. It just happened again and now I have noticed an error that may be coinciding with the problem. It is in the App log on the front-end box. Process INETINFO.EXE (PID=712). All the DS Servers in domain are not responding. I have seen this error before and confirmed all necessary ports are open on the Pix (reviewed and compared to the ports in your article link as well). So, it does not appear to be a firewall problem, what other configuration issues could I have here? Again, rebooting the front-end server resolves but I cannot reboot the server 4-5 times daily.  
That message would appear to indicate that it stops being able to connect to the domain controllers.
One of the major issues with having a firewall in between the Exchange servers is that Exchange will talk to any of the domain controllers. You have to allow access through the firewall to all of them as Exchange will just change which one it is talking to.

Furthermore, Exchange doesn't fall over very quickly when one DC stops responding - I believe it is 30 minutes or more before Exchange goes looking for another DC. Your restarting the server forces the services to look for a domain controller and it continues responding.

It may also be the firewall closing the session.

The main thing that I would suggest would be to bring the server inside and see if the server remains active for the entire day - if it does then the firewall is causing the problem. The issue you have is that at the moment is that while the firewall is there suspicion must fall on that as being the cause or a contributor because its main job is to block traffic.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.