Solved

Migration from Exchange 2003 to 2007 External OWA problems

Posted on 2008-10-16
14
302 Views
Last Modified: 2012-05-05
I just recently migrated from Exchange Server 2003 to 2007. Right now I have both boxes running and connectors between the two setup. I made the changes to our PIX and internally to route the mail to the 2007 box and it is working correctly. When I test the internal OWA (https://mail.server.com/owa) I go right to the page with no problems. When I try to access it externally I get a "Page not found" errror from IIS, but it is the IIS 6 from the "old" mail server. I have made all the internal DNS changes to point to the 2007 box and mail is flowing through the 2007 box but I can't get external OWA to point at the box! Any ideas on what I am missing?
0
Comment
Question by:doboszb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
  • 3
  • +1
14 Comments
 
LVL 17

Expert Comment

by:Andres Perales
ID: 22732674
web access rule to the new exchange server on the firewall perhaps?
0
 
LVL 1

Expert Comment

by:daravuth
ID: 22732687
Hi,

I supose you have done it but have you updated the port forwarding in your pix to point to the new server ( public wan:port 443 ->  exchange 2007:port 443)

Daravuth
0
 
LVL 15

Expert Comment

by:GreatVargas
ID: 22732743
What do you have publish the website? with two versions of exchange working you need two diferent web publish rules. The diference will be, in case of beeing isa server publishing the website, in the path, because exchange 2003 owa access is trought the /exchange path and exchange 2007 is trough the /owa. Create 2 publishing rules and report the result.

hope it helps.
regards
António Vargas
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:doboszb
ID: 22732987
Yes changed the line in the PIX to point the Internal IP address of the new mail server "access-list external permit tcp any host 192.168.42.78 eq https". I am assuming that this is the line that you are talking about?

I should mention that I don't need the two OWA sites to Coexist, I just need OWA 2007 to work correctly so I can move all the users over from the 2003 box and then decommission it.

Is there a pointer somewhere else that needs to be changed?
0
 
LVL 15

Expert Comment

by:GreatVargas
ID: 22733039
that line you wrotte is not a redirection line. it's one access list line. the allow traffic. you need to reconfigure the nat entry. it's still pointing to the old server because the nat entry was not changed. you did well on creating one access-list but also change the nat entry. the pix is the only thing that publishes services? dont you have one web service machine in the dmz or one isa server? if not.. do it in the pix.
0
 

Author Comment

by:doboszb
ID: 22733227
The Static NAT rules on the PIX were changed as well.

Any other ideas?
0
 
LVL 15

Expert Comment

by:GreatVargas
ID: 22733254
if nat rules are correct you should be redirected to the new iis on the new server. if you are going to the old one double check the rules.
0
 

Author Comment

by:doboszb
ID: 22733298
I checked again, they all look correct:

static (inside,outside) tcp interface smtp 192.168.42.78 smtp netmask 255.255.255.255 0 0
static (inside,outside) tcp interface www 192.168.42.78 www netmask 255.255.255.255 0 0
static (inside,outside) tcp interface pop3 192.168.42.78 pop3 netmask 255.255.255.255 0 0
static (inside,outside) tcp interface https 192.168.42.78 https netmask 255.255.255.255 0 0
0
 
LVL 15

Expert Comment

by:GreatVargas
ID: 22733370
yes they look ok. you have only changed the https rule? if so maybe a reboot to enable the config or one enable runing_config command can solve this
0
 

Author Comment

by:doboszb
ID: 22733454
I changed all four of the above rules to point to the new Exchange server because they were pointed at the old one previously.
0
 

Author Comment

by:doboszb
ID: 22733512
I took a look and the running config has the changes I made...

Any other thoughts? Could it not be a firewall issue?
0
 
LVL 17

Accepted Solution

by:
Andres Perales earned 125 total points
ID: 22733533
have you ran a clear xlate command on your pix?
0
 

Author Comment

by:doboszb
ID: 22733631
That did it! Thank you so much!
0
 
LVL 17

Expert Comment

by:Andres Perales
ID: 22733669
no problem
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question