Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Exchange OWA 2003

Posted on 2007-11-18
10
Medium Priority
?
256 Views
Last Modified: 2008-02-01
Hi,

What must I do to publish my OWA to the internet? I know I need 443 through the firewall, but what do I tell my ISP? I have a domain. I plan to use a self SSL Certificate. No problem there. What DNS record should I tell the ISP to add? www.domain.com/owa? (Or anything else I choose)+the internal IP of the mail server? FIXed WAN address? what are the exact steps?

I used to do this years ago...but I forgot the procedure.
0
Comment
Question by:cybrosh
  • 5
  • 5
10 Comments
 
LVL 58

Expert Comment

by:tigermatt
ID: 20310843
I assume you already have your MX records configured for domain.com so that mail is flowing in and out of Exchange correctly. I won't go into it here but let me know if you want me to.

You cannot tell your ISP to add a DNS record just for /owa. The whole point of DNS records is that they are independent of protocol, so you can use any protocol before domain.com and you will get to the same place on the Internet. If you use /owa, that is only accessible by HTTP or HTTPS.

The easiest way to access your OWA would be to simply use the subdomain which your MX record is tied to, most often mail.domain.com. Alternatively, some people like to make a subdomain called webmail.domain.com, then set that as an A record for your fixed WAN IP address.

-tigermatt
0
 

Author Comment

by:cybrosh
ID: 20318708
Ok, thanks for the comment, but can you be a little more specific? more details on the technical steps needed to be done.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 20321999
As you haven't said otherwise, I will still assume you have MX records set up correctly and that you can send mail in and out of the Exchange server.

Probably the easiest way to do this would be to:

1) Create a subdomain: webmail.<yourdomain>.com
2) Ask your ISP/registrar to change the A record IP address on the subdomain to the IP address of your router which is accessible on the Internet (i.e. not the internal 10.x.x.x, 192.168.x.x or 172.x.x.x address, but the external one)
3) Once the record is changed, forward requests to port 443 on that IP address to the internal IP of the Exchange server
4) Go to https://webmail.<yourdomain>.com/exchange or /owa to test

If you have MX records set up already, you could just use them.

-tigermatt
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:cybrosh
ID: 20330040
Tiger,

Thanks for replying. Sorry for being such a pest.
Yes, I have set up MX records, as well as the ISP's mail servers for fault tolerance(rating).

*In the event of having MX records, how do I use them?

*Again, sorry for being a pain...
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 20330081
>>> *In the event of having MX records, how do I use them?

I'm not quite sure what you mean by "having MX records". MX records stands for "Mail Exchanger Records"; this is the DNS record which is looked up by mail servers attempting to send mail to a recipient at your domain. The MX record points to an FQDN (fully qualified domain name), which is then configured as an A record to your WAN IP address, which means connections are passed directly to your Exchange server assuming port 25 is forwarded correctly.

So having MX records *is* a good thing, otherwise mail wouldn't flow into your domain and possibly not outwards, depending on the setup of some recipients' mail servers they may reject messages if they can't perform a lookup of your MX records and verify that all sorts of other settings are correctly configured.

-tigermatt
0
 

Author Comment

by:cybrosh
ID: 20330480
Hi TIger,

Here's the  MX/A records config :

-A record, FQDN=mail.companydomain.com, value=214.X.X.X(Real WAN IP), MX Pref=none
-MX record, FQDN=companydomain.com, value=mail.companydomain.com, MX Pref=10
-A Record, FQDN=mail.isp.com, value=Real wan IP, MX Pref=none
-MX Record, FQDN=companydomain.com, value=mail.isp.com, mx pref=100

How do I combine the OWA address with the above config?

Appreciate the help.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 20330530
Hi again,

I hope I don't over-complicate my posts! I always like to explain things thoroughly to make sure you everyone understands, but it often seems to complicate things a little!

The OWA address needs an A record which is mapped to the Exchange WAN IP. In this case, mail.companydomain.com has an A record of 214.x.x.x which is your WAN IP. Therefore, you could quite easily use mail.companydomain.com as your OWA address, just append /owa or /exchange depending on which of the two your OWA site uses.

Also, don't forget you will need port 443 forwarded in your router firewall and need your self-signed SSL certificate set up before the HTTPS through port 443 will work. Once everything is in place, you should be able to go to https://mail.companydomain.com/owa or /exchange from outside with no issues. Make sure you enter the https, http:// will only work if you forward port 80 too (insecure) to the Exchange server, in which case Exchange *should* redirect to the SSL connection although I believe this has to be manually configured.

--
So:
1) Forward port 443 in your router's firewall to Exchange server (just like you did with port 25, expect for TCP port 443)
2) Set up SSL certificate
3) Use https://mail.companydomain.com/owa or /exchange as your OWA URL.
--

Hope this helps!
-tigermatt
0
 

Author Comment

by:cybrosh
ID: 20332754
Hi TIger,

Last question, just to make sure.

I don't have to modify the A record, by adding the /Exchange, right? since it's already embedded? true?'


0
 
LVL 58

Accepted Solution

by:
tigermatt earned 200 total points
ID: 20333005
>>> I don't have to modify the A record, by adding the /Exchange, right? since it's already embedded? true?'
Correct, you just add https:// to the beginning and /Exchange at the end assuming you're using mail.companydomain.com

-tigermatt
:)
0
 

Author Comment

by:cybrosh
ID: 20333222
Thanks mate!!!
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Suggested Courses

879 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question