Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

ISA 2006:- Exchange 2007 RPC over HTTPS not working

Posted on 2009-04-10
11
Medium Priority
?
2,199 Views
Last Modified: 2012-06-27
I'm trying to get RPC over HTTPS to work for our Exchange 2007.
Our network: DC, Exchnage 2007, ISA 2006 all joined to domain.
I've requested wildcard certificate *.domain.com so I can use with both owa.domain.com and rpc.domain.com. This certificate was installed in ISA server, and used for the Web listener below.

I've created a rule in ISA 2006
==========================
From: Anywhere
To: mail.domain.com (I've created a DNS to point this to our internal IP, which is 172.22.6.10, instead of our public IP)
Bridging: redirect requests to http port 80 (I've so sick of internal certificate and SSL connections so I just use redirect this over simple port 80)
Web Listener:
- Name: OWA-RPC
- Authentication methods: Basic
- Port: 443
-Certificate: *.domain.com
Public name: Rule applies to website mail.domain.com
Path: /rpc/*, /owa/*, /exchange/*, /public/*, /Exchweb/*
Authentication Delegation: Basic
==========================

The rule test was successful. In short, external people will have to access mail over address: https://mail.domain.com/owa 
ISA authenticates users and redirects information to Exchange 2007 over port 80.
This works perfectly with OWA, but when it comes to RPC it failed with following error in loggin
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Failed Connection Attempt <Firewall> 11/04/2009 12:54:31 AM
Log type: Web Proxy (Reverse)
Status: 64 The specified network name is no longer available.  
Rule: Exchange OWA-RPC
Source: External (<External IP address>)
Destination: (172.22.6.10:80)
Request: RPC_IN_DATA http://mail.domain.com/rpc/rpcproxy.dll?Exchange.Localdomain:6001 
Filter information: Req ID: 091c2910; Compression: client=No, server=No, compress rate=0% decompress rate=0%
Protocol: https
User: domain\user
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MS Connection Status keep showing connecting, and then disconnected. I cannot work out what's wrong with RPC, I've done a considerable amount of time surfing on the internet without any success. Please help.
0
Comment
Question by:Johnny_Nguyen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
11 Comments
 
LVL 1

Author Comment

by:Johnny_Nguyen
ID: 24117997
More information,
- I have installed RPC over http on Exchange Server. Enabled Outlook Anywhere from Exchange 2007 Console, set Authentication to be Basic.
- In IIS on Exchange server: I have set the security for RPC virtual directory to accept Basic Authentication, and uncheck the "Require Secure Channel (SSL)", exactly like the OWA directory.

- When I test browsing this http://mail.domain.com/rpc from internal network, without prompting me anything it led straight to
~~~~~~~~~~~~
"The website declined to show this webpage"
This error (HTTP 403 Forbidden) means that Internet Explorer was able to connect to the website, but it does not have permission to view the webpage.
For more information about HTTP errors, see Help.
~~~~~~~~~~~~
0
 
LVL 49

Expert Comment

by:Akhater
ID: 24118417
you should try by testing your rpc/http internally

you can do this by setting outlook to connect using http on both fast and slow network
0
 
LVL 1

Author Comment

by:Johnny_Nguyen
ID: 24118501
I've set outlook to use this rpc connection, when the PC is in internal network outlook prompt me for user/pwd then it works. In MS Exchange connection Status:
It starts with connecting then established.  But I notice the connection turns from HTTPS to TCP/IP
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 
LVL 49

Expert Comment

by:Akhater
ID: 24118592
you mean that even internlly u cannot connect using rpc/http ? when it is connected it is usin TCP/IP ?

well then it seems more like an exchange issue

btw outlook anywhere can only work with https protocol if using basic authentication
0
 
LVL 1

Author Comment

by:Johnny_Nguyen
ID: 24118700
As I mentioned, It works internally after prompting for a user/pwd. And when it does, all the https connection turn to TCP/IP, status turns to established.

Yeah I know Outlook Anywhere works with https using basic authentication, but thats what I use.

Any ideas, please ?
0
 
LVL 49

Expert Comment

by:Akhater
ID: 24118709
well tcp/ip doen't mean rpc/http it means "normal" operation
0
 
LVL 1

Author Comment

by:Johnny_Nguyen
ID: 24118761
Okay, any help on this issue please
0
 
LVL 1

Accepted Solution

by:
Johnny_Nguyen earned 0 total points
ID: 24125910
Got it fixed. After a lot of checking using RpcPing, I found out It was a DNS issue though very subtle.
I re-did the whole DNS setting and it worked now.
0
 

Expert Comment

by:Stee
ID: 25021345
Is there any more info on the DNS issue as I have the same error..
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question