Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

RPC over HTTPS (Outlook Anywhere) doesn't work after switch from Netopia Router to SSG-5

Posted on 2008-06-19
5
Medium Priority
?
4,721 Views
Last Modified: 2008-07-08
Hello Experts:

I am having a problem with RPC over HTTP (Outllook Anywhere).  Last night, I switched from using a Netopia Router to an SSG-5 Firewall (Juniper).  Until the switch over, Outlook Anywhere was working great.  Called Juniper and their techs spent the biggest part of the day on the phone--and remoting in to the firewall to check the firewall and the configuration looks correct for the simple setup I have.  They think that the Barracuda Spam Model 300 firewall is blocking the RPC over HTTP.  I am not to sure if they are correct.  Has any of you experts had a similiar problem?  I have made sure the HTTP and HTTPS ports are open.  Inside of my network, I can use outlook /rpcdiag-and it connects perfectly to Microsoft Exchange 2007 server with no problems.  Any thoughts are help is appreciated.  Juniper can't figure it out and Barracuda Techs give me the old upgrade the firmware bit--which I did--but it didn't slove the problem.

Thanks
Steve
0
Comment
Question by:huntersp3
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 24

Expert Comment

by:purplepomegranite
ID: 21827587
RPC over HTTPS only requires port 443 to be open - in fact, that is the whole idea of it, it works over secure HTTP so will work anywhere. If you have both port 80 and port 443 forwarded to your Exchange server, there shouldn't be a problem.

If the ONLY thing that has changed on your network is the addition of the firewall, then that must be the cause of the problem if it was working before this.  There is something not configured correctly, or the firewall isn't working properly.

Was the firewall the only change to the network when RPC over HTTP stopped working?
0
 
LVL 24

Expert Comment

by:purplepomegranite
ID: 21827593
Actually, another thing to check...

If you browse to OWA (presuming this is enabled too?) from outside your network, do you get a security certificate warning, or is the security certificate accepted by the browser?
0
 

Author Comment

by:huntersp3
ID: 21829777
Hello Purple:

The changing of the firewall was the only change made to the network.  So, I agree, that the firewall is not working properly.  The juniper tech said I have everything setup correctly.  Put, you never know how much they really know.  In my policy, I have a VIP with port 443 opened and pointed right at my exchange server ip address.  Also, using the same VIP, I have a port opened for mail (25) pointed at my spam filter.  It just occured to me--I wonder if using the same VIP could be the issue?

Thanks
Steve
0
 
LVL 24

Expert Comment

by:purplepomegranite
ID: 21829818
There shouldn't be a problem using the same VIP, but it is certainly something to try by giving OWA its own.

As an aside, I have just upgraded the firmware on a Juniper NS5GT (the existing firmware kept throwing an error when trying to add a basic firewall rule to one of the interfaces). It came back ok (as in all the external services seem to be reachable) with the exception of the VPN.  So now I am locked out of the system.  I knew it was a mistake remotely upgrading firmware...
0
 

Accepted Solution

by:
huntersp3 earned 0 total points
ID: 21898427
Hello Everyone:

I will close out this question.  The problem was the Juniper firewall was not honoring the 443 port.  I had to remove the port 443 reference under Config-->Admin-->Management
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question