Solved

Exchange RPC over HTTP (NOT SSL) not working w/ ISA 2004

Posted on 2007-04-04
5
394 Views
Last Modified: 2008-11-18
I have a single Exchange 2003 server, patched, and a ISA 2004 Server sitting behind a pix 501.

I currently have OWA published with HTTP (NOT SSL), and I want to open RPC over HTTP (NOT SSL).

I know it's not recommended to do HTTP, but this was a specific customer request (they only have one public IP address, and they already have a SSL web site published through ISA, so we can't SSL publish this unless we buy a wildcard cert, and they don't want to spend the money.)

I have made the registry hacks using the utility from Petri, I have configured the Exchange Server as a HTTP RPC backend server.

I have setup a mail publishing rule, and configured Outlook RPC over HTTP in the rule.  
I have setup a web publishing rule pointing to the RPC directory on the Exchange server (also the OWA server).

Now, when I try to connect from the outside, it cannot establish a connection.  When I look in Monitoring (Logging) in ISA, I can see the traffic, but it is bypassing my rule, and going to the enterprise default deny all rule.
'ISA server denied the specific URL.  anonymous'

It is hitting the server on port 80 as it should, (I have the client configured to not use SSL, but HTTP with NTLM authentication).  

Any idea why my isa server is not catching the traffic with the correct rule?
0
Comment
Question by:drakba
  • 2
5 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 18852637
RPC over HTTPS does not work over http.

Thats it.

There are various unsupported work arounds, but they are unsupported and unreliable.

Simon.
0
 

Author Comment

by:drakba
ID: 18855294
Any chance of getting a couple examples of the unsupported workarounds?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 18856371
Not from me.
I refuse to it.

Simon.
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 19089491
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
Read this checklist to learn more about the 15 things you should never include in an email signature.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question