Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

setting up outlook web access through a firewall

Posted on 2007-11-23
13
Medium Priority
?
658 Views
Last Modified: 2010-04-21
i have a sbs 2003 server and outlook web access works well inside the network.  i want to be able to use it outside the network.  what do i need to open on the firewall.  i have read just port 443 but then i came across this microsoft article and got a little confused.  haven't heard of having to change anything in the registry to do this.

here is the microsoft article:

http://support.microsoft.com/kb/259240

any suggestions?  i want to then get my mail on my treo windows phone.
0
Comment
Question by:americanmobile
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
13 Comments
 
LVL 12

Expert Comment

by:dlan75
ID: 20340847
Hi,
You need to open the port on the firewall but also on the router (NAT)
Then you need to activate SSL encryption on your webserver (and ideally disable port 80 if you don't have use of it).
You will need to create a web certificate or to buy one from an authorized authority in order to access your OWA through SSL (https).
0
 
LVL 12

Expert Comment

by:dlan75
ID: 20340850
Hi,
Let us know if you need help on the subject I described above.
0
 

Author Comment

by:americanmobile
ID: 20340861
i don't have a firewall running on the server, i just have a sonic wall tz170 as my firewall.

where do i activate SSL encryption on my server?

i am calling godaddy now to get a SSL certificate...

0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 104

Expert Comment

by:Sembee
ID: 20340915
You don't need to activate anything on the server. Simply install the SSL certificate on to IIS as instructed by GoDaddy. Then open port 443 on your firewall. That is all there is to it.

Simon.
0
 
LVL 12

Accepted Solution

by:
dlan75 earned 2000 total points
ID: 20340924
Hi,
You have to configure NAT on your sonicwall then. I cannot help you on that for the moment (I am awaiting my sonicwall TZ190) but you can open a question for it.
Regarding setting up ssl encryption on your IIS server, follow the instructions from one of the sites below :
http://support.microsoft.com/kb/324069
http://searchexchange.techtarget.com/tip/0,289483,sid43_gci1272045,00.html
http://www.howtonetworking.com/email/oma2.htm
http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html (this one is the one I used once)

It is better to buy a certificate than using your own as if you use your own when you connect from outside, you will have a message saying there is a problem with the certificate which is normal as it hasn't been issued by an official certificate authority. Bigdaddy is good as it is cheap :-)
0
 
LVL 3

Expert Comment

by:mrmark75
ID: 20341206
The easiest way to get your messages on your phone is to use a forwarder in Exchange to send your E-mail to your phone, as well as save it in your E-mail box. Do you already have an E-maill address for your phone like 1234556789@nextel.com? If so setting up a forwarder is easy.  
Go into ACTIVE DIRECTORY USERS AND COMPUTERS, then right click in empty space and choose NEW CONTACT the name it something that will identify to you that it is a forwarded address IE: yourname (forward) it cannot be a name that is already in the AD store. CICK NEXT The CREATE AN EXCHANGE EMAIL ADDRESS should be checked and  your alias should be in the name box  CLICK modify under E-mail and add you phone e-mail address 123456789@nextel.com then OK NEXT and FINISH.  Now you should have a contact added in your Users and Computers view.
Now right click on your actual user name and choose PROPERTIES then choose the EXCHANGE GENERAL tab then click on the DELIVERY OPTIONS button then choose the FORWARD ADDRESS button then MODIFY button and find the name of the forward contact.  Then CHECK the box that says DELIVER MESSAGES TO BOTH FORWARD ADDRESS AND MAILBOX.  Then click OK and APPLY and you will be all set up to receive your messages on your phone.
0
 

Author Comment

by:americanmobile
ID: 20341343
i have opened port 443 and pointed it to the server but i still am unable to access outlook web access...
0
 

Author Comment

by:americanmobile
ID: 20341473
ok.  

i am uncertain of what I have done, but i can get to the certificate prompt externally as well as internally  but as soon as I enter the username and password for any user I get the following:

-----------------
The page cannot be found
The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.

Please try the following:

    * Make sure that the Web site address displayed in the address bar of your browser is spelled and formatted correctly.
    * If you reached this page by clicking a link, contact the Web site administrator to alert them that the link is incorrectly formatted.
    * Click the Back button to try another link.

HTTP Error 404 - File or directory not found.
Internet Information Services (IIS)

Technical Information (for support personnel)

    * Go to Microsoft Product Support Services and perform a title search for the words HTTP and 404.
    * Open IIS Help, which is accessible in IIS Manager (inetmgr), and search for topics titled Web Site Setup, Common Administrative Tasks, and About Custom Error Messages.
---------------------
0
 

Author Closing Comment

by:americanmobile
ID: 31410715
got it..thanks!
0
 
LVL 12

Expert Comment

by:dlan75
ID: 20342085
Hi,
I am asking a stupid question but ... are you accessing the right file? From outside it should be looking like : https://[YOURIPORDOMAIN]/exchange
Have you configured your IIS server for SSL (https)?
0
 

Author Comment

by:americanmobile
ID: 20342089
yes....

i can go to www.blabla.com to access my company site per 2003 sbs

and i can go to www.blabla.com/exchange and access my OWA...

the SSL also redirects both and adds https: to the address...

0
 
LVL 12

Expert Comment

by:dlan75
ID: 20342142
Hi,
Sounds weird. From inside you still have access?
0
 

Author Comment

by:americanmobile
ID: 20342145
my bad, this issue was resolved..i am having issues now with OMA...want to help?

it's killing me...

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_22979876.html?cid=239#a20342041

0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
how to add IIS SMTP to handle application/Scanner relays into office 365.

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question