Solved

OWA not responding externally

Posted on 2006-11-17
24
727 Views
Last Modified: 2008-01-16
After a bunch of BS around with the mistake of installing GFI web monitor. No that ive removed GFI and undid as much of the troubles i could see everything is working at the moment with the exeception OWA mail.technologyprinting.com/exchange

internally it works

Ive ran the ICEW a few times with error on the firewall section. this is SBS03 premiun with BES4.2
0
Comment
Question by:Tork4840
  • 9
  • 4
  • 3
  • +4
24 Comments
 

Author Comment

by:Tork4840
ID: 17967685
Please move question to SBS group
0
 

Expert Comment

by:agreatround
ID: 17967897
Is your OWA access point on the same box as your SBS/exchange or is it configured as a bridgehead to exchnage?

0
 

Author Comment

by:Tork4840
ID: 17967946
All on the same box
0
 
LVL 3

Accepted Solution

by:
KVR_Solutions earned 500 total points
ID: 17968592
If you go in to IIS and expand the default (usually defualt) website, and right click on the Exchange virtual directory and click browse, you should be able to see OWA. If you can, check the properties of the default web site to see what IP address the host header is listening on. Make sure you resolve the public address of your server (or firewall if there is a NAT on port 80 or 443) from a machine outside of your domain.

You can use www.dnsstuff.com to ping owa.yourcompany.com or whatever your site is (www.yourcompany.com/owa).

Typically if you can browse it internally, but not externally - it's because your server has a public IP and IIS is not set to All Unassigned on the web site properties, or the server has a private IP and the firewall is not NATing the traffic properly.

Ira @ KVR
0
 

Author Comment

by:Tork4840
ID: 17968629
Is that not what the rule SBS Windows SharePoint Services Web Publishing Rule is suppose to due? Im guessthere would have to be a DNS entry to resolve it to an internal address. Ive added a dns entry could somone test it for me I do not have access to a externall internet source.

mail.technologyprinting.com/exchange

69.15.48.198
0
 
LVL 3

Expert Comment

by:KVR_Solutions
ID: 17968674
Ok, first of all you can use www.dnsstuff.com to test from an external internet source. There are several text boxes available.

I just tested a ping to mail.technologyprinting.com and it resolved to 69.15.48.198. It appears that your DNS is correct. Additionally, I was able to get a reply on that address.

I think your problem is in IIS as I described, or there is a problem with your firewall.
0
 
LVL 3

Expert Comment

by:KVR_Solutions
ID: 17968688
I noticed that you have RDP enabled. If you want to create a temporary account for me, I'll locate the problem and explain it to you.
0
 
LVL 3

Expert Comment

by:KVR_Solutions
ID: 17968748
You'll have to add this user to the Remote Desktop Users group. If you want to bypass this, just make them a Domain Admin for the time being. You can delete the account when we're done.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17969308
The problem, as I see it, is that port 443 is either being used by something else or it's not open and pointed to your server... if you're getting an error when running the CEICW you need to look in the logs and see what that error is and correct it!

Jeff
TechSoEasy
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17969311
The log is at C:\Program Files\Microsoft Windows Small Business Server\Support\icwlog.txt

Jeff
TechSoEasy
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 3

Expert Comment

by:KVR_Solutions
ID: 17969379
Lol, I didn't expect him to post it for the world to see. I immediately spoke with him (voice) and had the password reset. No offense taken! I agree 100%. ;)

I'll post the results of this answer in a little bit.
0
 
LVL 3

Expert Comment

by:MarkWYnne
ID: 17969814
What heppens after authentication?, as the login portal loads.
0
 
LVL 2

Expert Comment

by:kcg-witchdoctor
ID: 17976371
Looks like it is availiable to me.  
0
 
LVL 2

Expert Comment

by:kcg-witchdoctor
ID: 17976373
You try https://mail.technologyprinting.com/exchange


Do you have the s  in https?
0
 
LVL 3

Expert Comment

by:KVR_Solutions
ID: 17976388
The problem was that the server had multiple sites running in IIS with hostheaders on the same ports. His default website with Exchange wasn't started. Additionally, ISA server didn't have a policy to allow access to web traffic (port 80) from anywhere.

Ira @ KVR
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17976408
Additionally, the problem is that the SSL certificates have gotten messed up because of this.  Currently, the server is pushing out the INTERNAL certificate (publishing.Technologyprinting.com).

This is partially caused by using a resolvable FQDN as the internal domain name.

The certificates need to all be removed from the server and the CEICW should be rerun to regenerate them.

Jeff
TechSoEasy
0
 
LVL 16

Expert Comment

by:Nyaema
ID: 17979504
Isn't it against EE rules to post a question then have an expert sort out the problem on  phone as KVR solutions has done?  Isn't that cheating?
0
 
LVL 3

Expert Comment

by:KVR_Solutions
ID: 17979525
I didn't sort out the problem on the phone. If you read the comments, you'll see that I spoke with him on the phone to notify him of the security risk with the password posted publicly. Please read my EE profile for clarification on how I handle people that want to contact me directly.

Ira @ KVR
0
 
LVL 3

Expert Comment

by:KVR_Solutions
ID: 17983761
Looking back, I realize that it wasn't right to offer that assistance when there was someone else involved in the question (agreatround). Honestly, I just overlooked it. I was just trying to help the guy and I knew that the quickest solution was to log in and fix it. I'll be more careful in the future as I respect this site and what it stands for greatly. I enjoy my time here!

If anyone feels I should have the points removed, please notify the mod and I'll have no problem with that.

Thanks,

Ira
0
 
LVL 3

Expert Comment

by:KVR_Solutions
ID: 17983984
Lol, I really don't want to beat a dead horse, but... I read *all* of the rules before I started posting on this site. Perhaps I interpreted this one incorrectly?

"The same applies to the use of Remote Access to resolve a problem. We recognize that sometimes, the only solution is a hands-on tinkering with a configuration, but this should be considered a last resort, and only with the full permission of the other participants in the question, and only with the full and complete disclosure of the methods used to resolve the problem. Any points awarded without the posting of both of these criteria will be removed from both the Asker's and the Expert's totals."

I don't want to make the same mistake again.. but I guess I need clarification. :)
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17984059
Hmmm... I actually didn't ever remember seeing that paragraph... so as Miss Litella would say... "nevermind".

Jeff
TechSoEasy
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
AS400 Logging Print device 2 68
Problem to LibreOffice 24 75
Utilities to reset local Win 10 passwords 13 111
URL to download Windows 10 Home 7 79
Just about everyone has an old PC laying around.  Ask anyone in the IT industry, whether they are a professional or play in it as a hobby.  From outdated Desktops to cheap "throwaway" laptops, they are all around and not as hard to "fix up" as you m…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now