Solved

Publishing RPC over HTTP via ISA 2004 std

Posted on 2006-11-21
7
614 Views
Last Modified: 2008-02-01
Hi All

I have this irretating issue that i just can not get fixed. this is the setup we have at our office:
SBS 2003 Prem, ISA 2004, DC, GC. all this is on one server.

the layout is as follow:

----WAN-----      netgear router -----       ISA server      ------- Local Area Network
                        DC
                        Exchange
                        GC

the router is configure with an IP of 192.168.200.x and it forwards requests to the ISA server which has 2 Nics
external nic is 192.168.200.x and another nic which is connected to the LAN.

My service pack Levels are the following:

ISA 2004 SP1 & 2
SBS 2003 SP1
Exchange SP2

Here are some answers to questions you might ask:
1 i have configured my Exchange server as a Back-end server.

2 configured CA on DC, CA and certificate matches the name of the website, Server and Client trusts the
  certificate, both imported into the Trusted root authentication...

3 i configured the IIS virtual directory (RPC) to use ONLY basic authentication

4 Allowed RPC traffic from the internal network to the Localhost

5 configured the client computer, client uses Office 2003.

6 when i type the url: https://mail.mydomain.co.za/rpc i get the logon box and i then get that access denied
  ACL error. which i should get.

7 when i type the url: https://mail.mydomain.co.za/rpc/rpcproxy.dll i get the blank page with the little lock in the
  right hand corner of internet explorer. that works.

8 when i use the client computer internally (On local network) and i connect via HTTP over RPC i get the successful
  HTTPS connection when i run outlook.exe /rpcdiag.

9 I created a web publishing rule to publish the RPC over HTTP site described in the following link:
   http://support.microsoft.com/?kbid=884506#appliesto#appliesto

10 I have allowed inbound and outbound RPC port 135 traffic on the ISA server and Router.

11 I have configured the neccesary registry entries, ValidPorts. entreis are as follow:
    ServerNETBIOSName:6001-6002;ServerFQDN:6001-6002;ServerNetBIOSName:6004;ServerFQDN:6004

12  here are a few links i used for troubleshooting and further reading:

http://office.microsoft.com/en-gb/help/HA011402731033.aspx
http://support.microsoft.com/kb/840255/
http://support.microsoft.com/kb/827330/
http://www.msexchange.org/tutorials/Implementing-RPC-over-HTTPS-single-Exchange-Server-2003-environment.html
http://www.petri.co.il/configure_rpc_over_https_on_a_single_server.htm
http://www.msexchange.org/tutorials/outlookrpchttp.html
http://www.microsoft.com/technet/isa/2004/plan/tscerts.mspx
http://www.microsoft.com/technet/isa/2004/plan/exchage2003.mspx
http://www.securityfocus.com/infocus/1807

I know that the issue has to be with the ISA firewall!? i have tried changing the HTTP filter on the web publishing
rule to only allow RPC_IN_DATA and OUT.

if possible could some please assist me in how to (In depth) publish RPC over HTTP/s in ISA server 2004

Regards,

Johan                  
0
Comment
Question by:technolutions
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
7 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17992251
So, are you now saying that your statement in this question http:Q_22066511.html is not true?  Is everything NOT working correctly?

If you'd please run the Configure Email and Internet Connection Wizard your problems would be solved.  You are making this MUCH MORE COMPLICATED than it should be.

Jeff
TechSoEasy
0
 
LVL 8

Expert Comment

by:nitadmin
ID: 17993465


Look at this article again. and from below "Creating a New Mail Publishing Rule"

http://www.microsoft.com/technet/isa/2004/plan/exchage2003.mspx

Here is another article. On publishing RPC over https.
http://support.microsoft.com/kb/884506/en-us


There three articles cover publishing OWA.

http://www.petri.co.il/configure_isa_to_publish_owa.htm

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q308599

http://support.microsoft.com/?kbid=290113

Cheers,
NITADMIN
0
 

Author Comment

by:technolutions
ID: 17994745
Hi Jeff

please assist me using the server management utility to setup RPC over HTTP.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 17996442
When you first installed ISA 2004, the last screen of the install wizard looked like this (http://www.isaserver.org/img/upl/image0201128326260827.jpg).  As you'll note it says, The Configure E-mail and Internet Connection Wizard will be run as part of the ISA Server 2004 Installation.

Since you did not complete the wizard properly at that time, you just need to run it again.  You'll find it in the Server Management Console > Internet and Email Section linked as "Connect to the Internet".  The steps are fairly self explanitory, but you can always click on the "More Information" button which you'll find on every screen to read more about what each step does.  The important part here, is that you enable both Remote Web Workplace and Outlook via the Internet on the Web Services Screen.

Once the wizard completes, you can then open the Remote Web Workplace main menu (http://localhost/remote from your server) and click on the "Configure Outlook via the Internet" link to access your customized instruction sheet for making the proper configuration changes to Outlook 2003.

Jeff
TechSoEasy
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question