Solved

setting up outlook web access through a firewall

Posted on 2007-11-23
13
654 Views
Last Modified: 2010-04-21
i have a sbs 2003 server and outlook web access works well inside the network.  i want to be able to use it outside the network.  what do i need to open on the firewall.  i have read just port 443 but then i came across this microsoft article and got a little confused.  haven't heard of having to change anything in the registry to do this.

here is the microsoft article:

http://support.microsoft.com/kb/259240

any suggestions?  i want to then get my mail on my treo windows phone.
0
Comment
Question by:americanmobile
13 Comments
 
LVL 12

Expert Comment

by:dlan75
ID: 20340847
Hi,
You need to open the port on the firewall but also on the router (NAT)
Then you need to activate SSL encryption on your webserver (and ideally disable port 80 if you don't have use of it).
You will need to create a web certificate or to buy one from an authorized authority in order to access your OWA through SSL (https).
0
 
LVL 12

Expert Comment

by:dlan75
ID: 20340850
Hi,
Let us know if you need help on the subject I described above.
0
 

Author Comment

by:americanmobile
ID: 20340861
i don't have a firewall running on the server, i just have a sonic wall tz170 as my firewall.

where do i activate SSL encryption on my server?

i am calling godaddy now to get a SSL certificate...

0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 104

Expert Comment

by:Sembee
ID: 20340915
You don't need to activate anything on the server. Simply install the SSL certificate on to IIS as instructed by GoDaddy. Then open port 443 on your firewall. That is all there is to it.

Simon.
0
 
LVL 12

Accepted Solution

by:
dlan75 earned 500 total points
ID: 20340924
Hi,
You have to configure NAT on your sonicwall then. I cannot help you on that for the moment (I am awaiting my sonicwall TZ190) but you can open a question for it.
Regarding setting up ssl encryption on your IIS server, follow the instructions from one of the sites below :
http://support.microsoft.com/kb/324069
http://searchexchange.techtarget.com/tip/0,289483,sid43_gci1272045,00.html
http://www.howtonetworking.com/email/oma2.htm
http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html (this one is the one I used once)

It is better to buy a certificate than using your own as if you use your own when you connect from outside, you will have a message saying there is a problem with the certificate which is normal as it hasn't been issued by an official certificate authority. Bigdaddy is good as it is cheap :-)
0
 
LVL 3

Expert Comment

by:mrmark75
ID: 20341206
The easiest way to get your messages on your phone is to use a forwarder in Exchange to send your E-mail to your phone, as well as save it in your E-mail box. Do you already have an E-maill address for your phone like 1234556789@nextel.com? If so setting up a forwarder is easy.  
Go into ACTIVE DIRECTORY USERS AND COMPUTERS, then right click in empty space and choose NEW CONTACT the name it something that will identify to you that it is a forwarded address IE: yourname (forward) it cannot be a name that is already in the AD store. CICK NEXT The CREATE AN EXCHANGE EMAIL ADDRESS should be checked and  your alias should be in the name box  CLICK modify under E-mail and add you phone e-mail address 123456789@nextel.com then OK NEXT and FINISH.  Now you should have a contact added in your Users and Computers view.
Now right click on your actual user name and choose PROPERTIES then choose the EXCHANGE GENERAL tab then click on the DELIVERY OPTIONS button then choose the FORWARD ADDRESS button then MODIFY button and find the name of the forward contact.  Then CHECK the box that says DELIVER MESSAGES TO BOTH FORWARD ADDRESS AND MAILBOX.  Then click OK and APPLY and you will be all set up to receive your messages on your phone.
0
 

Author Comment

by:americanmobile
ID: 20341343
i have opened port 443 and pointed it to the server but i still am unable to access outlook web access...
0
 

Author Comment

by:americanmobile
ID: 20341473
ok.  

i am uncertain of what I have done, but i can get to the certificate prompt externally as well as internally  but as soon as I enter the username and password for any user I get the following:

-----------------
The page cannot be found
The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.

Please try the following:

    * Make sure that the Web site address displayed in the address bar of your browser is spelled and formatted correctly.
    * If you reached this page by clicking a link, contact the Web site administrator to alert them that the link is incorrectly formatted.
    * Click the Back button to try another link.

HTTP Error 404 - File or directory not found.
Internet Information Services (IIS)

Technical Information (for support personnel)

    * Go to Microsoft Product Support Services and perform a title search for the words HTTP and 404.
    * Open IIS Help, which is accessible in IIS Manager (inetmgr), and search for topics titled Web Site Setup, Common Administrative Tasks, and About Custom Error Messages.
---------------------
0
 

Author Closing Comment

by:americanmobile
ID: 31410715
got it..thanks!
0
 
LVL 12

Expert Comment

by:dlan75
ID: 20342085
Hi,
I am asking a stupid question but ... are you accessing the right file? From outside it should be looking like : https://[YOURIPORDOMAIN]/exchange
Have you configured your IIS server for SSL (https)?
0
 

Author Comment

by:americanmobile
ID: 20342089
yes....

i can go to www.blabla.com to access my company site per 2003 sbs

and i can go to www.blabla.com/exchange and access my OWA...

the SSL also redirects both and adds https: to the address...

0
 
LVL 12

Expert Comment

by:dlan75
ID: 20342142
Hi,
Sounds weird. From inside you still have access?
0
 

Author Comment

by:americanmobile
ID: 20342145
my bad, this issue was resolved..i am having issues now with OMA...want to help?

it's killing me...

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_22979876.html?cid=239#a20342041

0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Find out what you should include to make the best professional email signature for your organization.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question