Solved

Outlook Anywhere

Posted on 2009-07-06
10
376 Views
Last Modified: 2012-08-14
Hi guys,

I have an Exchange 2007 server and ActiveSync over the net works fine from my mobile devices.  However, when trying to create a connection from Outlook 2007 via Outlook Anywhere/RCP over HTTP is says is cannot resolve the name of the server.

We create our ActiveSync connections pretty much the same way and in prinicple, I understand the process to be the same as Outlook Anywhere.  Is this a port issue, does Outlook Anywhere use different ports than ActiveSync?

Cheers.
0
Comment
Question by:AstraeusLTD
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
10 Comments
 

Author Comment

by:AstraeusLTD
ID: 24783706
Official MS answer is no, only 443 need be open.  However, tried and tested; the answer is yes.  Port 1030 and 135 must be forwarded to the Exchange/AD server.

However, now that I can resolve my name against the mail server I am now experiencing a dofferent issue.  When it resolves, it changes my external FQDN to the internal one.  I need to keep it as the external FQDN.  How do I force Outlook to do so, or change Exchange to only ever give out the external address?
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24784126
First - you are incorrect with the port openings. Port 443 is the ONLY port that needs to be open. You do not need to have any other port open. Close port 135 as that opens your server to attack. If you have to open port 135 then your server is not configured correctly. 135 is a massive security hole and should never be open to the internet.

With regards to Outlook Anywhere, if you are using Outlook 2007 then Autodiscover should be setting up Outlook for you automatically. The behaviour you are seeing is correct. The Exchange server name will change to the internal server name. That is because the external information that Outlook uses to make the connection to the server is stored elsewhere, in the Advanced Options, under Connection. That should be automatically populated by Autodiscover.

Have you enabled Outlook Anywhere in Exchange 2007? Did you install the RPC Proxy?

I suggest that you start by using a test account on the Microsoft test web site here:
https://testexchangeconnectivity.com/
Verify everything is setup correctly to use Autodiscover and Outlook Anywhere.
Autodiscover is NOT an optional feature. You need to get that working correctly for external users to work correctly.

Simon.
0
 

Author Comment

by:AstraeusLTD
ID: 24784489
>> First - you are incorrect with the port openings. Port 443 is the ONLY port that needs to be open.

I understand the risk, but the only way that I could get the mailbox name to resolve, was to have those two ports open.

I'm working through the Connectivity site - cheers.

How do I correct the need to have ports 135 and 1030 forwarded?
0
Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

 
LVL 65

Expert Comment

by:Mestha
ID: 24785109
If the feature and the client had been configured correctly then you do not need to have those ports open. Therefore close them. End of story. Your server is exposed - I don't really think you do understand the risk. If you worked for me, you would be fired for opening port 135 to the internet - it is that great a risk.

The reason the name only resolved with that port open is because you didn't configure the additional settings and Outlook required a NETBIOS connection to the server.

Simon.
0
 

Author Comment

by:AstraeusLTD
ID: 24785144
>> I don't really think you do understand the risk

I understand that it is a risk.  It is purely for troubleshooting purposes.

>> you didn't configure the additional settings

That's what I was asking "How do I correct the need to have ports 135 and 1030 forwarded?"
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24785446
Have you configured the feature correctly, as I stated in my first posting?
Have you got Autodiscover to work? If you allow autodiscover to do the configuration for you, then everything just works - that is what it is designed to do.

Even for troubleshooting I would still never open port 135. It only takes an attacker 30 seconds to find that port is open and you will be fighting off the attacks for days. If it has been open for any length of time then I would be treating the system has compromised.

Simon.
0
 

Author Comment

by:AstraeusLTD
ID: 24785715
>> If you allow autodiscover to do the configuration for you

I ran the Outlook Anywhere config in the GUI.  But otherwise, I'm still yet to find out where this is done.
0
 

Author Comment

by:AstraeusLTD
ID: 24786880
http://technet.microsoft.com/en-us/library/aa997436(EXCHG.65).aspx

"Then, open the appropriate ports on the internal firewall:

TCP port 135  RPC endpoint mapper"
0
 

Accepted Solution

by:
AstraeusLTD earned 0 total points
ID: 24787076
RPC Virtual DIrectory was set to Accept certificates - needed to be set to Ignore.
0
 

Author Comment

by:AstraeusLTD
ID: 24839731
My comments have been altered by EE.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Many people use more than one email account and so it becomes difficult for them to manage them when they use separate accounts,  so, in this article, I have shared an easy way to add Other Mail Accounts in your Google Inbox. It helps to combine all…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question