OWA not responding externally

After a bunch of BS around with the mistake of installing GFI web monitor. No that ive removed GFI and undid as much of the troubles i could see everything is working at the moment with the exeception OWA mail.technologyprinting.com/exchange

internally it works

Ive ran the ICEW a few times with error on the firewall section. this is SBS03 premiun with BES4.2
Tork4840Asked:
Who is Participating?
 
KVR_SolutionsCommented:
If you go in to IIS and expand the default (usually defualt) website, and right click on the Exchange virtual directory and click browse, you should be able to see OWA. If you can, check the properties of the default web site to see what IP address the host header is listening on. Make sure you resolve the public address of your server (or firewall if there is a NAT on port 80 or 443) from a machine outside of your domain.

You can use www.dnsstuff.com to ping owa.yourcompany.com or whatever your site is (www.yourcompany.com/owa).

Typically if you can browse it internally, but not externally - it's because your server has a public IP and IIS is not set to All Unassigned on the web site properties, or the server has a private IP and the firewall is not NATing the traffic properly.

Ira @ KVR
0
 
Tork4840Author Commented:
Please move question to SBS group
0
 
agreatroundCommented:
Is your OWA access point on the same box as your SBS/exchange or is it configured as a bridgehead to exchnage?

0
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

 
Tork4840Author Commented:
All on the same box
0
 
Tork4840Author Commented:
Is that not what the rule SBS Windows SharePoint Services Web Publishing Rule is suppose to due? Im guessthere would have to be a DNS entry to resolve it to an internal address. Ive added a dns entry could somone test it for me I do not have access to a externall internet source.

mail.technologyprinting.com/exchange

69.15.48.198
0
 
KVR_SolutionsCommented:
Ok, first of all you can use www.dnsstuff.com to test from an external internet source. There are several text boxes available.

I just tested a ping to mail.technologyprinting.com and it resolved to 69.15.48.198. It appears that your DNS is correct. Additionally, I was able to get a reply on that address.

I think your problem is in IIS as I described, or there is a problem with your firewall.
0
 
KVR_SolutionsCommented:
I noticed that you have RDP enabled. If you want to create a temporary account for me, I'll locate the problem and explain it to you.
0
 
KVR_SolutionsCommented:
You'll have to add this user to the Remote Desktop Users group. If you want to bypass this, just make them a Domain Admin for the time being. You can delete the account when we're done.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
The problem, as I see it, is that port 443 is either being used by something else or it's not open and pointed to your server... if you're getting an error when running the CEICW you need to look in the logs and see what that error is and correct it!

Jeff
TechSoEasy
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
The log is at C:\Program Files\Microsoft Windows Small Business Server\Support\icwlog.txt

Jeff
TechSoEasy
0
 
KVR_SolutionsCommented:
Lol, I didn't expect him to post it for the world to see. I immediately spoke with him (voice) and had the password reset. No offense taken! I agree 100%. ;)

I'll post the results of this answer in a little bit.
0
 
MarkWYnneCommented:
What heppens after authentication?, as the login portal loads.
0
 
kcg-witchdoctorCommented:
Looks like it is availiable to me.  
0
 
kcg-witchdoctorCommented:
You try https://mail.technologyprinting.com/exchange 


Do you have the s  in https?
0
 
KVR_SolutionsCommented:
The problem was that the server had multiple sites running in IIS with hostheaders on the same ports. His default website with Exchange wasn't started. Additionally, ISA server didn't have a policy to allow access to web traffic (port 80) from anywhere.

Ira @ KVR
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Additionally, the problem is that the SSL certificates have gotten messed up because of this.  Currently, the server is pushing out the INTERNAL certificate (publishing.Technologyprinting.com).

This is partially caused by using a resolvable FQDN as the internal domain name.

The certificates need to all be removed from the server and the CEICW should be rerun to regenerate them.

Jeff
TechSoEasy
0
 
Joseph NyaemaIT ConsultantCommented:
Isn't it against EE rules to post a question then have an expert sort out the problem on  phone as KVR solutions has done?  Isn't that cheating?
0
 
KVR_SolutionsCommented:
I didn't sort out the problem on the phone. If you read the comments, you'll see that I spoke with him on the phone to notify him of the security risk with the password posted publicly. Please read my EE profile for clarification on how I handle people that want to contact me directly.

Ira @ KVR
0
 
KVR_SolutionsCommented:
Looking back, I realize that it wasn't right to offer that assistance when there was someone else involved in the question (agreatround). Honestly, I just overlooked it. I was just trying to help the guy and I knew that the quickest solution was to log in and fix it. I'll be more careful in the future as I respect this site and what it stands for greatly. I enjoy my time here!

If anyone feels I should have the points removed, please notify the mod and I'll have no problem with that.

Thanks,

Ira
0
 
KVR_SolutionsCommented:
Lol, I really don't want to beat a dead horse, but... I read *all* of the rules before I started posting on this site. Perhaps I interpreted this one incorrectly?

"The same applies to the use of Remote Access to resolve a problem. We recognize that sometimes, the only solution is a hands-on tinkering with a configuration, but this should be considered a last resort, and only with the full permission of the other participants in the question, and only with the full and complete disclosure of the methods used to resolve the problem. Any points awarded without the posting of both of these criteria will be removed from both the Asker's and the Expert's totals."

I don't want to make the same mistake again.. but I guess I need clarification. :)
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Hmmm... I actually didn't ever remember seeing that paragraph... so as Miss Litella would say... "nevermind".

Jeff
TechSoEasy
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.