Using NTLM with RCP/HTTP Authentication for Exchange

We are using RCP/HTTP for Exchange access for all portable machines on our network.  We are able to get RCP/HTTP to work external from our network using Basic Authentication, and We are able to get NTLM to work when inside our network.  Unfortunatly, we cannot get NTLM to work outside our network.  When we start Outlook on an machine that was verified working locally, it waits then asks for a login.  The user can then try logging in using the user id alone as well as the basic authentication format (doman\username)  and it will not authenticate.  

Any ideas what might be causing the issue?
 
We have a fully qualified domain and are using a Sonicwall hardware firewall and have forwarded WAN requests from the following ports to the exchange server:

5800 - 5900  (TCP/UDP)
993  (TCP)
143 (TCP)
135-139 (TCP/UDP)
389  (TCP/UDP)
443  (TCP)
88   (TCP/UDP)
80  (TCP)
636 (TCP)
bitslvAsked:
Who is Participating?
 
SembeeConnect With a Mentor Commented:
If basic authentication was enabled, then that would stop NTLM from working. You need to have both integrated and basic enabled. Do not enable anonymous.

Although it doesn't really matter, because RPC over HTTPS using https which is encrypted anyway.

Simon.
0
 
SembeeCommented:
The ONLY port you need for RPC over HTTPS to work is 443. Nothing else. The other ports can be closed unless you need them to be open. In fact some of those ports are dangerous to have open to the Internet - 135 especially.

Simon.
0
 
bitslvAuthor Commented:
I understand that and closed the unused ports including 135.  Unfortunatly, I still cannot understand why I cannot Get NTLM to work outside the network.  Port 443 is open.  Why would basic work, but not NTLM?
0
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

 
SembeeCommented:
What authentication settings have you got set on the /rpc virtual directory in IIS Manager?

Simon.
0
 
bitslvAuthor Commented:
Basic Authentication was checked only.  Should "Integrated Windows Authentication" also be checked?

Thanks,

Brook

0
 
bitslvAuthor Commented:
The Default Domain and Realm are the same.  I selected the top three authentication methods.  

I still need to test externally, but which authentication methods do you suggest?
0
 
bitslvAuthor Commented:
That was it.  Thank you very much for your help.
0
All Courses

From novice to tech pro — start learning today.