Solved

Publishing RPC over HTTP via ISA 2004 std

Posted on 2006-11-21
7
579 Views
Last Modified: 2008-02-01
Hi All

I have this irretating issue that i just can not get fixed. this is the setup we have at our office:
SBS 2003 Prem, ISA 2004, DC, GC. all this is on one server.

the layout is as follow:

----WAN-----      netgear router -----       ISA server      ------- Local Area Network
                        DC
                        Exchange
                        GC

the router is configure with an IP of 192.168.200.x and it forwards requests to the ISA server which has 2 Nics
external nic is 192.168.200.x and another nic which is connected to the LAN.

My service pack Levels are the following:

ISA 2004 SP1 & 2
SBS 2003 SP1
Exchange SP2

Here are some answers to questions you might ask:
1 i have configured my Exchange server as a Back-end server.

2 configured CA on DC, CA and certificate matches the name of the website, Server and Client trusts the
  certificate, both imported into the Trusted root authentication...

3 i configured the IIS virtual directory (RPC) to use ONLY basic authentication

4 Allowed RPC traffic from the internal network to the Localhost

5 configured the client computer, client uses Office 2003.

6 when i type the url: https://mail.mydomain.co.za/rpc i get the logon box and i then get that access denied
  ACL error. which i should get.

7 when i type the url: https://mail.mydomain.co.za/rpc/rpcproxy.dll i get the blank page with the little lock in the
  right hand corner of internet explorer. that works.

8 when i use the client computer internally (On local network) and i connect via HTTP over RPC i get the successful
  HTTPS connection when i run outlook.exe /rpcdiag.

9 I created a web publishing rule to publish the RPC over HTTP site described in the following link:
   http://support.microsoft.com/?kbid=884506#appliesto#appliesto

10 I have allowed inbound and outbound RPC port 135 traffic on the ISA server and Router.

11 I have configured the neccesary registry entries, ValidPorts. entreis are as follow:
    ServerNETBIOSName:6001-6002;ServerFQDN:6001-6002;ServerNetBIOSName:6004;ServerFQDN:6004

12  here are a few links i used for troubleshooting and further reading:

http://office.microsoft.com/en-gb/help/HA011402731033.aspx
http://support.microsoft.com/kb/840255/
http://support.microsoft.com/kb/827330/
http://www.msexchange.org/tutorials/Implementing-RPC-over-HTTPS-single-Exchange-Server-2003-environment.html
http://www.petri.co.il/configure_rpc_over_https_on_a_single_server.htm
http://www.msexchange.org/tutorials/outlookrpchttp.html
http://www.microsoft.com/technet/isa/2004/plan/tscerts.mspx
http://www.microsoft.com/technet/isa/2004/plan/exchage2003.mspx
http://www.securityfocus.com/infocus/1807

I know that the issue has to be with the ISA firewall!? i have tried changing the HTTP filter on the web publishing
rule to only allow RPC_IN_DATA and OUT.

if possible could some please assist me in how to (In depth) publish RPC over HTTP/s in ISA server 2004

Regards,

Johan                  
0
Comment
Question by:technolutions
  • 3
7 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17992251
So, are you now saying that your statement in this question http:Q_22066511.html is not true?  Is everything NOT working correctly?

If you'd please run the Configure Email and Internet Connection Wizard your problems would be solved.  You are making this MUCH MORE COMPLICATED than it should be.

Jeff
TechSoEasy
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17992307
0
 
LVL 8

Expert Comment

by:nitadmin
ID: 17993465


Look at this article again. and from below "Creating a New Mail Publishing Rule"

http://www.microsoft.com/technet/isa/2004/plan/exchage2003.mspx

Here is another article. On publishing RPC over https.
http://support.microsoft.com/kb/884506/en-us


There three articles cover publishing OWA.

http://www.petri.co.il/configure_isa_to_publish_owa.htm

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q308599

http://support.microsoft.com/?kbid=290113

Cheers,
NITADMIN
0
 

Author Comment

by:technolutions
ID: 17994745
Hi Jeff

please assist me using the server management utility to setup RPC over HTTP.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 17996442
When you first installed ISA 2004, the last screen of the install wizard looked like this (http://www.isaserver.org/img/upl/image0201128326260827.jpg).  As you'll note it says, The Configure E-mail and Internet Connection Wizard will be run as part of the ISA Server 2004 Installation.

Since you did not complete the wizard properly at that time, you just need to run it again.  You'll find it in the Server Management Console > Internet and Email Section linked as "Connect to the Internet".  The steps are fairly self explanitory, but you can always click on the "More Information" button which you'll find on every screen to read more about what each step does.  The important part here, is that you enable both Remote Web Workplace and Outlook via the Internet on the Web Services Screen.

Once the wizard completes, you can then open the Remote Web Workplace main menu (http://localhost/remote from your server) and click on the "Configure Outlook via the Internet" link to access your customized instruction sheet for making the proper configuration changes to Outlook 2003.

Jeff
TechSoEasy
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now