Solved

Exchange RPC over HTTP (NOT SSL) not working w/ ISA 2004

Posted on 2007-04-04
5
388 Views
Last Modified: 2008-11-18
I have a single Exchange 2003 server, patched, and a ISA 2004 Server sitting behind a pix 501.

I currently have OWA published with HTTP (NOT SSL), and I want to open RPC over HTTP (NOT SSL).

I know it's not recommended to do HTTP, but this was a specific customer request (they only have one public IP address, and they already have a SSL web site published through ISA, so we can't SSL publish this unless we buy a wildcard cert, and they don't want to spend the money.)

I have made the registry hacks using the utility from Petri, I have configured the Exchange Server as a HTTP RPC backend server.

I have setup a mail publishing rule, and configured Outlook RPC over HTTP in the rule.  
I have setup a web publishing rule pointing to the RPC directory on the Exchange server (also the OWA server).

Now, when I try to connect from the outside, it cannot establish a connection.  When I look in Monitoring (Logging) in ISA, I can see the traffic, but it is bypassing my rule, and going to the enterprise default deny all rule.
'ISA server denied the specific URL.  anonymous'

It is hitting the server on port 80 as it should, (I have the client configured to not use SSL, but HTTP with NTLM authentication).  

Any idea why my isa server is not catching the traffic with the correct rule?
0
Comment
Question by:drakba
  • 2
5 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 18852637
RPC over HTTPS does not work over http.

Thats it.

There are various unsupported work arounds, but they are unsupported and unreliable.

Simon.
0
 

Author Comment

by:drakba
ID: 18855294
Any chance of getting a couple examples of the unsupported workarounds?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 18856371
Not from me.
I refuse to it.

Simon.
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 19089491
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now