Solved

Exchange OWA 2003

Posted on 2007-11-18
10
248 Views
Last Modified: 2008-02-01
Hi,

What must I do to publish my OWA to the internet? I know I need 443 through the firewall, but what do I tell my ISP? I have a domain. I plan to use a self SSL Certificate. No problem there. What DNS record should I tell the ISP to add? www.domain.com/owa? (Or anything else I choose)+the internal IP of the mail server? FIXed WAN address? what are the exact steps?

I used to do this years ago...but I forgot the procedure.
0
Comment
Question by:cybrosh
  • 5
  • 5
10 Comments
 
LVL 58

Expert Comment

by:tigermatt
ID: 20310843
I assume you already have your MX records configured for domain.com so that mail is flowing in and out of Exchange correctly. I won't go into it here but let me know if you want me to.

You cannot tell your ISP to add a DNS record just for /owa. The whole point of DNS records is that they are independent of protocol, so you can use any protocol before domain.com and you will get to the same place on the Internet. If you use /owa, that is only accessible by HTTP or HTTPS.

The easiest way to access your OWA would be to simply use the subdomain which your MX record is tied to, most often mail.domain.com. Alternatively, some people like to make a subdomain called webmail.domain.com, then set that as an A record for your fixed WAN IP address.

-tigermatt
0
 

Author Comment

by:cybrosh
ID: 20318708
Ok, thanks for the comment, but can you be a little more specific? more details on the technical steps needed to be done.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 20321999
As you haven't said otherwise, I will still assume you have MX records set up correctly and that you can send mail in and out of the Exchange server.

Probably the easiest way to do this would be to:

1) Create a subdomain: webmail.<yourdomain>.com
2) Ask your ISP/registrar to change the A record IP address on the subdomain to the IP address of your router which is accessible on the Internet (i.e. not the internal 10.x.x.x, 192.168.x.x or 172.x.x.x address, but the external one)
3) Once the record is changed, forward requests to port 443 on that IP address to the internal IP of the Exchange server
4) Go to https://webmail.<yourdomain>.com/exchange or /owa to test

If you have MX records set up already, you could just use them.

-tigermatt
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 

Author Comment

by:cybrosh
ID: 20330040
Tiger,

Thanks for replying. Sorry for being such a pest.
Yes, I have set up MX records, as well as the ISP's mail servers for fault tolerance(rating).

*In the event of having MX records, how do I use them?

*Again, sorry for being a pain...
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 20330081
>>> *In the event of having MX records, how do I use them?

I'm not quite sure what you mean by "having MX records". MX records stands for "Mail Exchanger Records"; this is the DNS record which is looked up by mail servers attempting to send mail to a recipient at your domain. The MX record points to an FQDN (fully qualified domain name), which is then configured as an A record to your WAN IP address, which means connections are passed directly to your Exchange server assuming port 25 is forwarded correctly.

So having MX records *is* a good thing, otherwise mail wouldn't flow into your domain and possibly not outwards, depending on the setup of some recipients' mail servers they may reject messages if they can't perform a lookup of your MX records and verify that all sorts of other settings are correctly configured.

-tigermatt
0
 

Author Comment

by:cybrosh
ID: 20330480
Hi TIger,

Here's the  MX/A records config :

-A record, FQDN=mail.companydomain.com, value=214.X.X.X(Real WAN IP), MX Pref=none
-MX record, FQDN=companydomain.com, value=mail.companydomain.com, MX Pref=10
-A Record, FQDN=mail.isp.com, value=Real wan IP, MX Pref=none
-MX Record, FQDN=companydomain.com, value=mail.isp.com, mx pref=100

How do I combine the OWA address with the above config?

Appreciate the help.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 20330530
Hi again,

I hope I don't over-complicate my posts! I always like to explain things thoroughly to make sure you everyone understands, but it often seems to complicate things a little!

The OWA address needs an A record which is mapped to the Exchange WAN IP. In this case, mail.companydomain.com has an A record of 214.x.x.x which is your WAN IP. Therefore, you could quite easily use mail.companydomain.com as your OWA address, just append /owa or /exchange depending on which of the two your OWA site uses.

Also, don't forget you will need port 443 forwarded in your router firewall and need your self-signed SSL certificate set up before the HTTPS through port 443 will work. Once everything is in place, you should be able to go to https://mail.companydomain.com/owa or /exchange from outside with no issues. Make sure you enter the https, http:// will only work if you forward port 80 too (insecure) to the Exchange server, in which case Exchange *should* redirect to the SSL connection although I believe this has to be manually configured.

--
So:
1) Forward port 443 in your router's firewall to Exchange server (just like you did with port 25, expect for TCP port 443)
2) Set up SSL certificate
3) Use https://mail.companydomain.com/owa or /exchange as your OWA URL.
--

Hope this helps!
-tigermatt
0
 

Author Comment

by:cybrosh
ID: 20332754
Hi TIger,

Last question, just to make sure.

I don't have to modify the A record, by adding the /Exchange, right? since it's already embedded? true?'


0
 
LVL 58

Accepted Solution

by:
tigermatt earned 50 total points
ID: 20333005
>>> I don't have to modify the A record, by adding the /Exchange, right? since it's already embedded? true?'
Correct, you just add https:// to the beginning and /Exchange at the end assuming you're using mail.companydomain.com

-tigermatt
:)
0
 

Author Comment

by:cybrosh
ID: 20333222
Thanks mate!!!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange 2013 POP3 2 32
Sonicwall SHA issue 4 29
why is pst smaller? 11 16
Office365 Outgoing bulk mail limitation 6 6
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question