Link to home
Create AccountLog in
Avatar of clint-54
clint-54Flag for United States of America

asked on

Outlook Anywhere Troubleshooting Assistance

I am having a problem connecting externally with Outlook 2003 or 2007 to a fresh Exchange 2007 server. Testing internally using the rpcdiag switch in Outlook works fine in both versions and the connection status does show connected via HTTPS. Internally Outlook connects and does give a certificate error due to the fact that the certificate on the server is assigned the external FQDN. Externally the certificate works fine when connecting to OWA via HTTPS.

I have verified all Exchange Proxy Settings in Outlook several times and I have also tried installing the certificate although the certificate is valid from a 3rd party CA. I do get a logon prompt when trying to connect externally which tells me that it is contacting the server, however it never makes an HTTPS connection and Outlook says that the Exchange server is offline.

I have set this exact same senario up for other clients using a self signed cert and not had any problem. However this one seems to be stumping me. Any help would be appreciated.

Avatar of peakpeak
Flag of Sweden image

Link to home
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of clint-54


I have gone through the mentioned article as well as reference several others. I am getting no complaints in the event log or the IIS log.

I have narrowed it down to a authentication issue. I retested internally and externally using rpcping. I found that i am NOT authenticating internally or externally. However i am able to connect VIA HTTPS with Outlook internally and verified using the /rpcdiag switch.

Don't you get a logon prompt? If you do: login name is domain\login name
Internally i do get a logon prompt and it authenticates and connects VIA HTTPS when using outlook.

The following rpcping command returns exception 5 which is a access denied response.

rpcping -t ncacn_http -s INTERNALSERVERNAME -o RpcProxy=PUBLICSERVERNAME.DOMAIN.TLD -P "username,NETBIOSDOMAINNAME,password" -I "username,NETBIOSDOMAINNAME,password", -H 1 -F 3 -a connect -u 10 -v 3 -e 6001

An RPCDump also verifieds that all settings and ports are correct.

This ended up being a packet filter that was running on the DCs. I am awarding the points for trying to help me :)