Solved

OWA not working externally after changing the router to a CISCO 877

Posted on 2009-07-10
6
603 Views
Last Modified: 2013-11-16
Hi, I recently changed our router to a cisco 877, the exchange/owa Server and port used have not changed. I added the NAT and acl for owa to the new router. all other NAT and ACL are working fine and are similar to my OWA entry. I've checked IIS /exchweb and made sure to uncheck SSL. I am not using the defauilt port. This is set to 8081.

ip nat inside source static tcp xxx.xxx.xxx.7 interface Dialer0 8081
.
.
.

access-list 101 permit ip any host xxx.xxx.xxx.7
access-list 101 permit tcp any any eq www
access-list 101 permit tcp any any eq 22
access-list 101 permit tcp any any eq 8081

Has anybody experienced this issue berfore? any comments/suggestions greatly accepted. NAT and ACL also included in CODE: section
ip http server

ip http access-class 2

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip dns server

ip nat inside source list 1 interface Dialer0 overload

ip nat inside source static tcp xxx.xxx.xxx.7 interface Dialer0 25

ip nat inside source static tcp xxx.xxx.xxx.6 interface Dialer0 21

ip nat inside source static tcp xxx.xxx.xxx.6 interface Dialer0 80

ip nat inside source static tcp xxx.xxx.xxx.6 interface Dialer0 22

ip nat inside source static tcp xxx.xxx.xxx.7 interface Dialer0 8081

ip nat inside source static tcp xxx.xxx.xxx.19 80 xxx.xxx.xxx.xxx 80 extendable

!

ip access-list extended SDM_AH

 remark SDM_ACL Category=1

 permit ahp any any

ip access-list extended SDM_ESP

 remark SDM_ACL Category=1

 permit esp any any

ip access-list extended SDM_IP

 remark SDM_ACL Category=1

 permit ip any any

ip access-list extended SSH

 remark SDM_ACL Category=128

 permit ip any host xxx.xxx.xxx.6

!

logging trap debugging

access-list 1 remark INSIDE_IF=Vlan1

access-list 1 remark SDM_ACL Category=2

access-list 1 permit xxx.xxx.xxx.xxx 0.0.0.255

access-list 2 remark HTTP Access-class list

access-list 2 remark SDM_ACL Category=1

access-list 2 permit xxx.xxx.xxx.xxx 0.0.0.255

access-list 2 deny   any

access-list 100 remark SDM_ACL Category=128

access-list 100 permit ip host 255.255.255.255 any

access-list 100 permit ip 127.0.0.0 0.255.255.255 any

access-list 101 remark SDM_ACL Category=0

access-list 101 permit ip any host xxx.xxx.xxx.7

access-list 101 permit tcp any any eq www

access-list 101 permit tcp any any eq 22

access-list 101 permit tcp any any eq 8081

****** I added today to see if it would make any difference **********

access-list 101 permit tcp any host xxx.xxx.xxx.xxx eq 8081

********************************************************************************

access-list 102 remark SDM_ACL Category=0

access-list 102 permit ip any host xxx.xxx.xxx.6

access-list 102 permit ip any host xxx.xxx.xxx.19

access-list 103 remark SDM_ACL Category=0

access-list 103 permit ip any host xxx.xxx.xxx.7

access-list 104 remark VTY Access-class list

access-list 104 remark SDM_ACL Category=1

access-list 104 permit ip xxx.xxx.xxx.xxx 0.0.0.255 any

access-list 104 deny   ip any any

Open in new window

0
Comment
Question by:Blondzer
  • 3
  • 2
6 Comments
 
LVL 65

Expert Comment

by:Mestha
ID: 24825190
OWA doesn't like using other ports. I have never had much success on using a port other than 80 and 443. If you want to use any other feature like RPC over HTTPS, or Exchange ActiveSync then you must use the native port as they are hard coded to those ports.

Simon.
0
 
LVL 8

Accepted Solution

by:
Npatang earned 500 total points
ID: 24825229
if you try to browse OWA other then the defualt ports you need to mentiond the same port with the URL while browsing OWA in browser
0
 

Author Comment

by:Blondzer
ID: 24825333
Thanks guy's
I can telnet to port 8081 internally but not externally.
We use the url http://xxx.xxx.xxx.7:8081/exchange. Works ok internally.
same format when using the external IP address. I think it would be a ACL issue?
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 

Author Comment

by:Blondzer
ID: 24825726
I have it working now. I think your right about using other than default. I added another public IP address to the router and changed OWA to use the default. Worked straight away. still confused why it worked with the old router.... :-)
0
 
LVL 8

Expert Comment

by:Npatang
ID: 24825780
Thats the default behaviour ...Anyways Now you know whats happening and how to browse it ?
0
 

Author Comment

by:Blondzer
ID: 24826040
sorry Mestha:I meant to split the points!!
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now