Solved

Migration from Exchange 2003 to 2007 External OWA problems

Posted on 2008-10-16
14
258 Views
Last Modified: 2012-05-05
I just recently migrated from Exchange Server 2003 to 2007. Right now I have both boxes running and connectors between the two setup. I made the changes to our PIX and internally to route the mail to the 2007 box and it is working correctly. When I test the internal OWA (https://mail.server.com/owa) I go right to the page with no problems. When I try to access it externally I get a "Page not found" errror from IIS, but it is the IIS 6 from the "old" mail server. I have made all the internal DNS changes to point to the 2007 box and mail is flowing through the 2007 box but I can't get external OWA to point at the box! Any ideas on what I am missing?
0
Comment
Question by:doboszb
  • 6
  • 4
  • 3
  • +1
14 Comments
 
LVL 17

Expert Comment

by:Andres Perales
ID: 22732674
web access rule to the new exchange server on the firewall perhaps?
0
 
LVL 1

Expert Comment

by:daravuth
ID: 22732687
Hi,

I supose you have done it but have you updated the port forwarding in your pix to point to the new server ( public wan:port 443 ->  exchange 2007:port 443)

Daravuth
0
 
LVL 15

Expert Comment

by:GreatVargas
ID: 22732743
What do you have publish the website? with two versions of exchange working you need two diferent web publish rules. The diference will be, in case of beeing isa server publishing the website, in the path, because exchange 2003 owa access is trought the /exchange path and exchange 2007 is trough the /owa. Create 2 publishing rules and report the result.

hope it helps.
regards
António Vargas
0
 

Author Comment

by:doboszb
ID: 22732987
Yes changed the line in the PIX to point the Internal IP address of the new mail server "access-list external permit tcp any host 192.168.42.78 eq https". I am assuming that this is the line that you are talking about?

I should mention that I don't need the two OWA sites to Coexist, I just need OWA 2007 to work correctly so I can move all the users over from the 2003 box and then decommission it.

Is there a pointer somewhere else that needs to be changed?
0
 
LVL 15

Expert Comment

by:GreatVargas
ID: 22733039
that line you wrotte is not a redirection line. it's one access list line. the allow traffic. you need to reconfigure the nat entry. it's still pointing to the old server because the nat entry was not changed. you did well on creating one access-list but also change the nat entry. the pix is the only thing that publishes services? dont you have one web service machine in the dmz or one isa server? if not.. do it in the pix.
0
 

Author Comment

by:doboszb
ID: 22733227
The Static NAT rules on the PIX were changed as well.

Any other ideas?
0
 
LVL 15

Expert Comment

by:GreatVargas
ID: 22733254
if nat rules are correct you should be redirected to the new iis on the new server. if you are going to the old one double check the rules.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:doboszb
ID: 22733298
I checked again, they all look correct:

static (inside,outside) tcp interface smtp 192.168.42.78 smtp netmask 255.255.255.255 0 0
static (inside,outside) tcp interface www 192.168.42.78 www netmask 255.255.255.255 0 0
static (inside,outside) tcp interface pop3 192.168.42.78 pop3 netmask 255.255.255.255 0 0
static (inside,outside) tcp interface https 192.168.42.78 https netmask 255.255.255.255 0 0
0
 
LVL 15

Expert Comment

by:GreatVargas
ID: 22733370
yes they look ok. you have only changed the https rule? if so maybe a reboot to enable the config or one enable runing_config command can solve this
0
 

Author Comment

by:doboszb
ID: 22733454
I changed all four of the above rules to point to the new Exchange server because they were pointed at the old one previously.
0
 

Author Comment

by:doboszb
ID: 22733512
I took a look and the running config has the changes I made...

Any other thoughts? Could it not be a firewall issue?
0
 
LVL 17

Accepted Solution

by:
Andres Perales earned 125 total points
ID: 22733533
have you ran a clear xlate command on your pix?
0
 

Author Comment

by:doboszb
ID: 22733631
That did it! Thank you so much!
0
 
LVL 17

Expert Comment

by:Andres Perales
ID: 22733669
no problem
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now