Solved

After moving the OWA to a different DMZ it does not work.

Posted on 2009-05-14
3
475 Views
Last Modified: 2012-05-07
Hello,

We have two OWA servers runing Exchange 2003 SP2 under W2K3 SP2. As part of the move, we moved one OWA server to a different DMZ. After taht we can access the web interface for logon credential but cannot access the mailbox. After giving the credentials it says "Page cannot be displayed". Turned off user friendly error, it shows "Unspecified error".

The firewall group claims that everything is open between the OWA server DMZ and the Mailbox server subnet. I compared all other configurations with the working one. They are same.

Important: But I tried to see the list of domain controllers under 'Directory Access' tab of the OWA server properties, it shows empty.
Any help is greatly appreciated.

Thanks,
0
Comment
Question by:rafiq01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 24

Expert Comment

by:Rajith Enchiparambil
ID: 24389861
All you need is a front end server with your firewall forwarding 443 traffic to it. Why do you have the server in DMZ?
0
 

Author Comment

by:rafiq01
ID: 24391368
That is from outside to the OWA server what about OWA server to mailbox server?

There might have reasons to the engineers who originally put it in the DMZ but not to me and I cannot change the decision now. So, just left it there.
0
 

Accepted Solution

by:
rafiq01 earned 0 total points
ID: 24503808
Two issues found and resolved.
1. Firewall did not have appropiet posts opened from OWA to AD and Exchange.
For Exchange Communication:
Port 80 for HTTP
Port 691 for Link State Algorithm routing protocol

For Active Directory communication:
Port 389 for LDAP (TCP and UDP)
Port 3268 for Global Catalog Server LDAP (TCP)
Port 88 for Kerberos Authentication (TCP and UDP)
Port 53 for DNS (TCP and UDP)
Port 135  RPC endpoint mapper (TCP)
Ports 1024 and higher for RPC services

2. Needed to add the subnet of OWA under AD Sites and Services.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Read this checklist to learn more about the 15 things you should never include in an email signature.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
how to add IIS SMTP to handle application/Scanner relays into office 365.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question