Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

External users can't access OWA

Posted on 2007-11-16
8
388 Views
Last Modified: 2010-05-19
I've set up OWA on a Server 2003 Standard box.  I can access OWA from the network using either servername/exchange or publicip/exchange.  External users who type publicip/exchange get a "page not found" response, much less a login box.  I've forwarded port 80 in the firewall to the IIS server, and I've double-checked everything against other OWA sites I've set up and I can't find the problem.  We've got dynamic DNS set up, but it doesn't matter whether the DDNS name is used or the actual public IP address - if you're outside the network you can't access it.  I think it's a permissions problem but I'm stumped.

Thanks in advance.
0
Comment
Question by:klancy
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 29

Expert Comment

by:Michael Worsham
ID: 20298964
On the firewall, open the following ports:

    * For Exchange Communication:
          o Port 80 for HTTP
          o Port 691 for Link State Algorithm routing protocol
    * For Active Directory communication:
          o Port 389 for LDAP (TCP and UDP)
          o Port 3268 for Global Catalog Server LDAP (TCP)
          o Port 88 for Kerberos Authentication (TCP and UDP)

Reference: http://www.msexchange.org/tutorials/OWA_Exchange_Server_2003.html
0
 
LVL 12

Expert Comment

by:Network_Data_Support
ID: 20299137
when you say the iis server i take it its the exchange server right?
0
 
LVL 31

Assisted Solution

by:LeeDerbyshire
LeeDerbyshire earned 200 total points
ID: 20299170
mwecomputers - you only need to open that many ports if you intend to allow a FE server to communicate with a BE server behind a firewall.  You need to open port 80 if you are going to use plain HTTP, or port 443 if you require SSL.

klancy - have a look at your IIS Logs, and see if the external requests are even reaching the server.  Note that the times are in GMT.

Do you use an ISA server?  If so, did you publish the Exchange VDir?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 29

Expert Comment

by:Michael Worsham
ID: 20299200
Also found this link as it has some step-by-step solutions available:

http://forums.msexchange.org/m_1800385027/mpage_1/key_/tm.htm#1800385027
0
 
LVL 2

Author Comment

by:klancy
ID: 20299207
The Server is the Exchange Server, we're using a single server not a FE/BE combo and we aren't using an ISA server.  I'm starting with plain HTTP.  

I'll check the logs shortly and post another reply.

Thanks for the quick responses.
0
 
LVL 2

Author Comment

by:klancy
ID: 20299464
I've checked the log and it doesn't change when someone tries to access OWA externally.
0
 
LVL 12

Accepted Solution

by:
Network_Data_Support earned 300 total points
ID: 20299644
well if it all works fine internally it has to be something blocking it externally can you view the logs/ traffic on the firewal?
0
 
LVL 2

Author Closing Comment

by:klancy
ID: 31409568
It turns out that the ISP blocks port 80 (among others) for dynamically assigned IPs.  Once we switched to a static (unblocked) IP, OWA worked perfectly.

I'm splitting the points because checking the IIS log proved that it wasn't an OWA configuration issue, and checking the firewall log proved that external requests weren't even hitting the router.  Which left the ISP as the culprit.

I've got a user who's traveling in South Africa right now who is very, very happy that he can check his Outlook.

Thanks everyone.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In-place Upgrading Dirsync to Azure AD Connect
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question