Wrathyimp
asked on
RPC-HTTPS Frontend server not connecting
I Have reconfigured my RPC-HTTP setup following Sembee's instruction:
https://www.experts-exchange.com/questions/22630640/RPCproxy-settings-for-RPC-over-http-FE-BE-scenario.html
But I am facing connectivity problem. when I am in LAN, the Conn status shows TCP/IP,
but when outside, if fails. Also tried with testexchangeconnectity.com , shows failed on the last stage.
I have FE-BE scenario.
The following is my setup:
Backend: Win2003 Sp2 + Exchange 2003 SP2 + RPC-HTTP (Back-end)
NetBOIS Name: SRV
Domain: domain.local
FQDN: mail.domain.com
Frontend:Win2003 SP2 + Exchange 2003 SP2 + RPC Proxy setting
NetBOIS Name: Webmail
Domain: domain.local
FQDN: webmail.domain.com
HKEY_LOCAL_MACHINE\Softwar e\Microsof t\Rpc\RpcP roxy
the values should be entered in the below format:
SRV:6001-6002; srv.dadholding.local:6001- 6002; SRV:6004; srv.dadholding.local:6004;
SSL Certificate from 3rd party (GeoTrust):
CN = webmail.domain.com
O = webmail.domain.com
IIS Security Authenthication Method:
Basic authenthication
Outlook Client:
URL to connect proxy server:
https:// webmail.domain.com
Principal name for proxy:
msstc:webmail.domain.com
Please point my mistake, that i have messed-up, its FE-BE scenario, suppose to be easy setup, but already took 3 days, and counting.
Thanks
https://www.experts-exchange.com/questions/22630640/RPCproxy-settings-for-RPC-over-http-FE-BE-scenario.html
But I am facing connectivity problem. when I am in LAN, the Conn status shows TCP/IP,
but when outside, if fails. Also tried with testexchangeconnectity.com
I have FE-BE scenario.
The following is my setup:
Backend: Win2003 Sp2 + Exchange 2003 SP2 + RPC-HTTP (Back-end)
NetBOIS Name: SRV
Domain: domain.local
FQDN: mail.domain.com
Frontend:Win2003 SP2 + Exchange 2003 SP2 + RPC Proxy setting
NetBOIS Name: Webmail
Domain: domain.local
FQDN: webmail.domain.com
HKEY_LOCAL_MACHINE\Softwar
the values should be entered in the below format:
SRV:6001-6002; srv.dadholding.local:6001-
SSL Certificate from 3rd party (GeoTrust):
CN = webmail.domain.com
O = webmail.domain.com
IIS Security Authenthication Method:
Basic authenthication
Outlook Client:
URL to connect proxy server:
https:// webmail.domain.com
Principal name for proxy:
msstc:webmail.domain.com
Please point my mistake, that i have messed-up, its FE-BE scenario, suppose to be easy setup, but already took 3 days, and counting.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sorry the Domain I mentioned is not correct, its the following:
dadholding.local
Backend:
dadsrv.dadholding.local
Frontend:
dadwebmail.dadholding.loca l
Sorry, for any confusions, little frustrated, due to the problem.
dadholding.local
Backend:
dadsrv.dadholding.local
Frontend:
dadwebmail.dadholding.loca
Sorry, for any confusions, little frustrated, due to the problem.
ASKER
I am getting RPCPing successful
RPCPinging proxy server webmail.dadholding.com with Echo Request Packet
Sending ping to server
Response from server received: 200
Pinging successfully completed in 172 ms
RPCPinging proxy server webmail.dadholding.com with Echo Request Packet
Sending ping to server
Response from server received: 200
Pinging successfully completed in 172 ms
ASKER
but I get Failed if I ping mail.dadholding.com
C:\Program Files\Windows Resource Kits\Tools>rpcping -t ncacn_http -s mail.dadho
lding.com -o RpcProxy=mail.dadholding.c om -P user,dadholding.local,* -H 1 -u 10 -
a connect -F 3 -R none -v 3 -E
RPCPing v2.12. Copyright (C) Microsoft Corporation, 2002
OS Version is: 5.2, Service Pack 2
Enter password for RPC/HTTP proxy:
RPCPinging proxy server mail.dadholding.com with Echo Request Packet
Sending ping to server
Error 12175 returned in the WinHttpSendRequest.
Ping failed.
C:\Program Files\Windows Resource Kits\Tools>rpcping -t ncacn_http -s mail.dadho
lding.com -o RpcProxy=mail.dadholding.c
a connect -F 3 -R none -v 3 -E
RPCPing v2.12. Copyright (C) Microsoft Corporation, 2002
OS Version is: 5.2, Service Pack 2
Enter password for RPC/HTTP proxy:
RPCPinging proxy server mail.dadholding.com with Echo Request Packet
Sending ping to server
Error 12175 returned in the WinHttpSendRequest.
Ping failed.
ASKER
I have successfully connected with HTTPS.
The problem was using the correct domain name.
I was using the FQDN for my authentication, but it seems to be required to add my local domain, to successfully logon to the RPC proxy.
So I my case, I used dadholding.local\username, and it authenticated me, and I can see now the HTTPS in conn.
but, Now I want to know, how can I save the pasword, so my users need not add the local domain, and username each time the connect outlook, from outside.
The problem was using the correct domain name.
I was using the FQDN for my authentication, but it seems to be required to add my local domain, to successfully logon to the RPC proxy.
So I my case, I used dadholding.local\username,
but, Now I want to know, how can I save the pasword, so my users need not add the local domain, and username each time the connect outlook, from outside.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yes, I tested it yesterday.
But looks like Outlook performance decreases, is it due to RPC? or just the machine itself.
thanks again Simon.
But looks like Outlook performance decreases, is it due to RPC? or just the machine itself.
thanks again Simon.
Outlook performance should be unaffected. It takes a few seconds longer to connect, but once it is connected there should be no difference.
-M
-M
ASKER
I have not done any registry changes as you have mentioned.
Well let me put the actual Domains names, that might point out the problem/conflicts if any.
BackEnd:
NetBIOS: DADSRV
Domain: Dadholding.com
FQDN: mail.dadholding.com
FrontEnd
NetBIOS: DADWEBMAIL
Domain: Dadholding.com
FQDN: webmail.dadholding.com
SSL Certificate from 3rd party (GeoTrust):
CN = webmail.dadholding.com
O = webmail.dadholding.com
Now is there any conflicts in FQDN of the SSL cert and the FE server.
Also I cannot have a HTTPS connection internally to webmail.dadholding.com
www.testexchangeconnectivity.com show a failure at the last stage, the IIS authentication, after passing the SSL certificate and the SSL port 443.
Thank you.