Solved

Exchange 2003 with .local extension

Posted on 2006-07-24
9
308 Views
Last Modified: 2010-04-18
hi, i'm having dificulty setting up OWA on a Domain with a example.local extension. I do not have any troubles setting it up with a .com or .co.za extension. is their some way i can work around this??

For example: how i set it up normally is as follow, I create an SSL certificate called secure.example.com/co.za on the Internal Server/mail. SSL and OWA internaly works fine, no problems. The other thing is we run ISA 2004, now i create the neccesary rules and I don't have any troubles from the outside/internet. all is well when i do this with a .com or.co.za extension.

But as soon as a domain has a .local extension i have troubles. i know that .local cannot be resolved externally, and i use SBS 2003 premuim.all my services\applications are running off a single DC. IF i use a certificate called secure.example.local, how will i use this from the internet?? because you cannot use .local. as far as i know the Certificate you create needs to match the internal mail server/domain name?? changing the Hosts file and adding an entry would'nt help either??

Is their a work around on this or not??

thanks
0
Comment
Question by:technolutions
  • 3
  • 2
  • 2
9 Comments
 
LVL 43

Accepted Solution

by:
Steve Knight earned 250 total points
ID: 17166628
Maybe I have misunderstood the question but presumably your users will use secure.example.com or co.za etc. with an entry in the company's real DNS at the ISP for'secure' in the example.com domain pointing at your external address, users will come through with https://secure.example.com/... and there will be a suitable certificate in place either on ISA2004 (use a web listener on port 443 to terminate the SSL connection then forward to OWA) or whatever?

Steve
0
 

Author Comment

by:technolutions
ID: 17167391
Hi Steve

what you have mentioned above is all well if i had a different extension to .local but unfortunately it does'nt work with what i currently have.
What we are using is DynDns and it won't  help creating record at the ISP because .Local won't resolve anywhere.(with a .com or.co.za extension i create the records) we do not make use of a static IP. the certificates are in place. Just to state that i don't have any problems doing so when a domain has a .com/.co.za extension.

Look my domain is called example.local and my certificate is called secure.example.local, I believe the problem is with the .Local??

thanks

Johan
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17167553
I have to say I have never used OWA being a Lotus Notes/Domino person mainly (though I do work on Exchange).

The .local should be irrelevant. If you are using dydns.org then presumably you have an address with them such as company.dyndns.org and/or a a cname in your own dns pointing at the dyndns.org address.  Either way if you have company.dyndns.org then you need a certificate that matches that so that when a user outside types in https://company.dyndns.org it resolves to your external IP opens up an encrypted path to your ISA server.  As long as there is a suitable certificate on that server then surely that is that.

Again I'm not sure of the mechanisms built in to SBS for OWA but for other hosted applications I have dealt with behind an ISA 2004 firewall you can create a web listener on port 443 (SSL) on the outside interface in ISA that listens for https://company.....org/owa/ or whatever and decodes the traffic then forwards it to http://exchangeserver.company.local/ or whatever inside.  You just install the trusted external certificate you have craeted onto the ISA server itself in the certficiates MMC snap-in.

Maybe someone else here will knwo more about the OWA side or perhaps this would be better in the Exchange or Outlook question areas?

http://www.experts-exchange.com/Networking/Email_Groupware/Exchange_Server/

Steve
0
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

 
LVL 2

Expert Comment

by:SkUllbloCk
ID: 17167971
.local wont be routed

The only way i can suggest that you do this, is by first creating a vpn onto the network, and then access the OWA. or disable the SSL connection part of it. (the later is NOT recommended)
0
 

Author Comment

by:technolutions
ID: 17175204
Hi Steve/SkUllbloCk

is their a way you can setup the OWA without using SSL? Not recomended but is it possible. and if it is can you please support me with details in doing so?

Johan
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17175642
Not sure, but if you can connect to it using http://yuourip/owa or whatever the url is then use your ISA as an SSL endpoint as suggeste so the traffic remains encrypted over the internet portion. WIll see if I can find any docs on this later

Steve
0
 
LVL 2

Assisted Solution

by:SkUllbloCk
SkUllbloCk earned 250 total points
ID: 17184470
Go to IIS settings.
websites > default website > exchange
go to the properties of the exchange website.
Click on the directory security tab.
Under secure communications click edit
then untick the require secure channel (SSL) option.

then you can browse to the OWA via http://ipaddress/exchange
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
Learn about cloud computing and its benefits for small business owners.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now