Solved

setting up outlook web access through a firewall

Posted on 2007-11-23
13
650 Views
Last Modified: 2010-04-21
i have a sbs 2003 server and outlook web access works well inside the network.  i want to be able to use it outside the network.  what do i need to open on the firewall.  i have read just port 443 but then i came across this microsoft article and got a little confused.  haven't heard of having to change anything in the registry to do this.

here is the microsoft article:

http://support.microsoft.com/kb/259240

any suggestions?  i want to then get my mail on my treo windows phone.
0
Comment
Question by:americanmobile
13 Comments
 
LVL 12

Expert Comment

by:dlan75
Comment Utility
Hi,
You need to open the port on the firewall but also on the router (NAT)
Then you need to activate SSL encryption on your webserver (and ideally disable port 80 if you don't have use of it).
You will need to create a web certificate or to buy one from an authorized authority in order to access your OWA through SSL (https).
0
 
LVL 12

Expert Comment

by:dlan75
Comment Utility
Hi,
Let us know if you need help on the subject I described above.
0
 

Author Comment

by:americanmobile
Comment Utility
i don't have a firewall running on the server, i just have a sonic wall tz170 as my firewall.

where do i activate SSL encryption on my server?

i am calling godaddy now to get a SSL certificate...

0
 
LVL 104

Expert Comment

by:Sembee
Comment Utility
You don't need to activate anything on the server. Simply install the SSL certificate on to IIS as instructed by GoDaddy. Then open port 443 on your firewall. That is all there is to it.

Simon.
0
 
LVL 12

Accepted Solution

by:
dlan75 earned 500 total points
Comment Utility
Hi,
You have to configure NAT on your sonicwall then. I cannot help you on that for the moment (I am awaiting my sonicwall TZ190) but you can open a question for it.
Regarding setting up ssl encryption on your IIS server, follow the instructions from one of the sites below :
http://support.microsoft.com/kb/324069
http://searchexchange.techtarget.com/tip/0,289483,sid43_gci1272045,00.html
http://www.howtonetworking.com/email/oma2.htm
http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html (this one is the one I used once)

It is better to buy a certificate than using your own as if you use your own when you connect from outside, you will have a message saying there is a problem with the certificate which is normal as it hasn't been issued by an official certificate authority. Bigdaddy is good as it is cheap :-)
0
 
LVL 3

Expert Comment

by:mrmark75
Comment Utility
The easiest way to get your messages on your phone is to use a forwarder in Exchange to send your E-mail to your phone, as well as save it in your E-mail box. Do you already have an E-maill address for your phone like 1234556789@nextel.com? If so setting up a forwarder is easy.  
Go into ACTIVE DIRECTORY USERS AND COMPUTERS, then right click in empty space and choose NEW CONTACT the name it something that will identify to you that it is a forwarded address IE: yourname (forward) it cannot be a name that is already in the AD store. CICK NEXT The CREATE AN EXCHANGE EMAIL ADDRESS should be checked and  your alias should be in the name box  CLICK modify under E-mail and add you phone e-mail address 123456789@nextel.com then OK NEXT and FINISH.  Now you should have a contact added in your Users and Computers view.
Now right click on your actual user name and choose PROPERTIES then choose the EXCHANGE GENERAL tab then click on the DELIVERY OPTIONS button then choose the FORWARD ADDRESS button then MODIFY button and find the name of the forward contact.  Then CHECK the box that says DELIVER MESSAGES TO BOTH FORWARD ADDRESS AND MAILBOX.  Then click OK and APPLY and you will be all set up to receive your messages on your phone.
0
Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

 

Author Comment

by:americanmobile
Comment Utility
i have opened port 443 and pointed it to the server but i still am unable to access outlook web access...
0
 

Author Comment

by:americanmobile
Comment Utility
ok.  

i am uncertain of what I have done, but i can get to the certificate prompt externally as well as internally  but as soon as I enter the username and password for any user I get the following:

-----------------
The page cannot be found
The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.

Please try the following:

    * Make sure that the Web site address displayed in the address bar of your browser is spelled and formatted correctly.
    * If you reached this page by clicking a link, contact the Web site administrator to alert them that the link is incorrectly formatted.
    * Click the Back button to try another link.

HTTP Error 404 - File or directory not found.
Internet Information Services (IIS)

Technical Information (for support personnel)

    * Go to Microsoft Product Support Services and perform a title search for the words HTTP and 404.
    * Open IIS Help, which is accessible in IIS Manager (inetmgr), and search for topics titled Web Site Setup, Common Administrative Tasks, and About Custom Error Messages.
---------------------
0
 

Author Closing Comment

by:americanmobile
Comment Utility
got it..thanks!
0
 
LVL 12

Expert Comment

by:dlan75
Comment Utility
Hi,
I am asking a stupid question but ... are you accessing the right file? From outside it should be looking like : https://[YOURIPORDOMAIN]/exchange
Have you configured your IIS server for SSL (https)?
0
 

Author Comment

by:americanmobile
Comment Utility
yes....

i can go to www.blabla.com to access my company site per 2003 sbs

and i can go to www.blabla.com/exchange and access my OWA...

the SSL also redirects both and adds https: to the address...

0
 
LVL 12

Expert Comment

by:dlan75
Comment Utility
Hi,
Sounds weird. From inside you still have access?
0
 

Author Comment

by:americanmobile
Comment Utility
my bad, this issue was resolved..i am having issues now with OMA...want to help?

it's killing me...

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_22979876.html?cid=239#a20342041

0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now