?
Solved

Can't Publish Owa 2003 on ISA 2006

Posted on 2009-02-11
9
Medium Priority
?
479 Views
Last Modified: 2012-05-06
Hi all,
i have a weird problem, i want to publish OWA on ISA 2006.
i have 1 exchange server 2003 and 1 ISA server as edge firewall.
i did all the steps listed on all forums regarding OWA publishing, i'll list them again step by step maybe i forgot something:
1- Backup the certificate from exchange and install it in the personal folder on ISA.
2- Create a HOSTS file entry for split-DNS style resolution.
3- Create Https Listener on both internal and external network.
4-Create the Exchange Web Client Access Publishing Rule.
5- i tried also this:
    * Change Requests appears to come from the original Client in the To Tab
    * Enable Require 128 Bit encryption for HTTPS Traffic in the Traffic Tab
    * Navigate to the Listener Properties and select the Forms tab.
       Under Password Management enable Allow users to change their Passwords.

Still no luck, keep in mind that i could easily publish exchange server, mail is working ok.
OWA is working fine also if u access the exchange directly from the LAN via IP or hostname.


i've been all the the day working on it, i tried all the settings.
I just need to know if i miss something? maybe i should create an access rule to open port 443 from the external network to Localhost?
any clue will help on this coz im running out of ideas.
thanks a lot
   

here is the articles that i used:

http://www.shijaz.com/isaserver/isa2006_publish_owa.htm
http://www.isaserver.org/tutorials/Using-2006-ISA-Firewall-RC-Publish-OWA-Sites-Part1.html
http://www.msexchange.org/tutorials/Publishing-Exchange-2007-OWA-ISA-Server-2006.html 
0
Comment
Question by:usere3
7 Comments
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 23612802
Hi!

Two simple questions:
1. What is the error you get when accessing owa web site from internet?
2. When you test the rule in ISA 2006, do you get any errors? I mean when you click "Test Rule" button in properties of rule, does ti report that isa can access exchange?

Toni
0
 
LVL 19

Expert Comment

by:lamaslany
ID: 23612809
Do you have ISA SP1 installed?
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 23614414
If you are using someone else's guidance, such as isaserver.org, then I can't really help you. if you get to the point where you want to use the Microsoft approach then let me know - as it sure isn't what you describe in your initial post.

keith
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:usere3
ID: 23614837
keith, i have a problem and any help will be appreciated.
i dont have sp1, ill install it tomorrow, and than ill give u the right error in IE, i think its web site not found or something like that.
anyway i just want to know is there anything i should do, did i miss anything or i should troubleshoot my configuration?  
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 23615086
I assume everything else on ISA is running OK - or do you want to check the basics as well?
Download and run the best practice analyser - get it here
http://www.microsoft.com/downloads/details.aspx?FamilyID=D22EC2B9-4CD3-4BB6-91EC-0829E5F84063&displaylang=en

You use the term backup the certificate. You actually need to export the cert along with the private key - is this what you did? if not, it will not work.
If you want to troubleshoot the certs on ISA, this is a good method. it actually mentions 2004 but as you are not talking here about Sharepoint, the process is the same.
http://technet.microsoft.com/en-us/library/cc302619.aspx

Do NOT use an access rule - it will send everything bonkers - especially as you will be using a NAT relationship between the internal and external interfaces. For inbound traffic on a NAT relationship you need to use the publishing rules.

Publishing OWA from Ex2007 is totally different to publishing OWA from ex2003 - even the services are different so ignore that link you mentioned in your first post.
This is the Microsoft method:
http://technet.microsoft.com/en-gb/library/bb794845.aspx
0
 

Author Comment

by:usere3
ID: 23615299
thanks keith, i exportedthe certificate right with the key, ill try the Microsoft way and ill tell what will happen.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 23615341
OK - running the BPA is also a good tool - you can be surprised what is sometimes turned up.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Eseutil Hard Recovery is part of exchange tool and ensures Exchange mailbox data recovery when mailbox gets corrupt due to some problem on Exchange server.
This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
This video discusses moving either the default database or any database to a new volume.
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question