OWA not working on Cisco ASA 5505

Owa works internally, but I can not use owa or recieve mail inbound

I have attached the config for the ASA
interface Vlan1
 nameif inside
 security-level 100
 ip address
interface Vlan2
 nameif outside
 security-level 0
 ip address
interface Vlan3
 no forward interface Vlan1
 nameif dmz
 security-level 50
 no ip address
interface Ethernet0/0
 switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
passwd xBw6sb8XZahJEW7r encrypted
ftp mode passive
dns server-group DefaultDNS
 domain-name cityofmaywood.org
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
access-list 101 extended permit tcp host host eq tel
access-list 101 extended permit tcp host 12.198.2
01.93 eq telnet
access-list 101 extended permit tcp host host eq tel
access-list 101 extended permit tcp any host eq netbios-ssn
access-list 101 extended permit tcp any host eq 135
access-list 101 extended permit tcp any eq www host eq www
access-list 101 extended permit tcp any host eq https
access-list 101 extended permit udp any host eq netbios-ns
access-list 101 extended permit udp any host eq netbios-dgm
pager lines 24
logging enable
logging asdm emergencies
mtu inside 1500
mtu outside 1500
mtu dmz 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-522.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1
static (inside,outside) tcp www www netmask 255.255.25
static (inside,outside) tcp https https netmask 255.25
static (inside,outside) tcp smtp smtp netmask 255.255.
static (inside,outside) netmask
access-group 101 in interface outside
route outside 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
username mshapiro password YGMhyG0aiKoM9t0u encrypted privilege 15
http server enable
http inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet inside
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside
dhcpd address inside
class-map inspection_default
 match default-inspection-traffic
policy-map type inspect dns preset_dns_map
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
service-policy global_policy global
prompt hostname context
: end

Open in new window

Who is Participating?
Britt ThompsonSr. Systems EngineerCommented:
You need to add:
access-list 101 extended permit tcp any host eq smtp

Also, have you added a public url to your OWA setup in Exchange System Manager?
You need to open udp port 1755 as well.
drcrash1Author Commented:
Ok, I get to the login prompt, but it keeps repeating even after I put in my credentials?
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

Britt ThompsonSr. Systems EngineerCommented:
Use the DOMAIN\username syntax if you're not.
drcrash1Author Commented:
Already tried that,
Britt ThompsonSr. Systems EngineerCommented:
Is it coming up with the OWA authentication form web page or is a pop up asking for a username and password?
drcrash1Author Commented:
it is a popup
Britt ThompsonSr. Systems EngineerCommented:
Doesn't sound right...are you sure you have your OWA public URL setup correctly? This could be a permissions issue on the virtual directory in IIS. The last 2 times I setup Exchange I had to reset the password for the server's IUSR account and re-enter into the virtual directory anonymous access sections.
drcrash1Author Commented:
I think it is set correctly

What would cause the windows username/password screen externally but give the owa login internally
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.