DNS - OWA resolution.

jwjjwj
I have a domain called mydomain.local and there are three servers - AD Server MyFile1.mydomain.local - Email and IIS Server MyMail.mydomain.local and an ISA Server Gate1.mydomain.local. All 2003 based including the Exchange server on Mymail.mydomain.local. I have purchased an SSL certificate with host and common name of remote.mydomain.com and installed it on the IIS(6) server and can use SSL Forms authentication by entering https://mymail/exchange. I have added a DNS Zone on the DNS Server MyFile1 called remote.mydomain.com and in this zone, I have added a host record pointing remote.mydomain.com to the IP address of mymail1 which is 10.9.2.3, and internally I can resolve this via a ping from all three servers to MyMail server. But I cannot enter https://remote.mydomain.com/exchange and get the forms page up. I get error 400. Can anyone offer some advice? My aim is to authenticate using this certificate for external OWA clients and mobile, active sync.
Awarded 2009
Top Expert 2010

Commented:
You don't need to add your external DNS zone to your internal DNS servers.  You should set this up in your external DNS.

Also you should be using ISA to publish these services for you.  If you're unsure on how then please see my guide here on publishing Exchange Services with ISA server: http://demazter.wordpress.com/publish-exchange-services-with-isa2006/

Author

Commented:
Thank you demazter for your info. The site is published to external clients using an external DNS. I want the internal users to resolve the same way. Your publishing guide refers to 2006. As stated in my question I am using ISA 2004 with Exchange 2003 and Server 2003 systems.
Awarded 2009
Top Expert 2010

Commented:
Ok in that case you need to create an internal forward lookup zone for mydomain.com (not remote.mydomain.com) and add an A record for remote into that forward lookup zone that points to the internal IP address of your Exchange Server.

Your certificate should be for the external URL you will use and this will need to be installed on Exchange and the ISA server. Sorry, missed the ISA 2004 bit; afraid I am not familiar with this version.
Commented:
Thanks for your pointers demazter however I had already set up a new forward lookup zone and added the host record.
As it turns out, what I had done was correct, however all three servers simply required a restart. Following the restart, the domains work as I want them to.
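
Added example, not part of the thread: a simplified Python model of the two internal zone layouts discussed above (a zone named remote.mydomain.com versus a zone for all of mydomain.com), showing which names each layout answers internally and which still reach external DNS. The external addresses and the www.mydomain.com name are constructed for illustration, and the resolver logic is a simplification that ignores delegation and caching.

```python
# Simplified model of an internal DNS server: if it hosts a zone covering the
# name, it is authoritative (answer or NXDOMAIN, no forwarding); otherwise the
# query is forwarded to external DNS.

INTERNAL_OWA = "10.9.2.3"  # internal address from the question
# Constructed public records (documentation address range, not from the thread).
EXTERNAL = {"remote.mydomain.com": "203.0.113.10",
            "www.mydomain.com": "203.0.113.20"}

# Layout A: zone named after the single host, record at the zone apex.
PINPOINT = {"remote.mydomain.com": {"@": INTERNAL_OWA}}
# Layout B: internal copy of the whole public zone with one A record in it.
FULL_ZONE = {"mydomain.com": {"remote": INTERNAL_OWA}}


def find_zone(name, zones):
    """Return the most specific hosted zone covering name, or None."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None


def resolve(name, zones, external=EXTERNAL):
    """Return (source, address); address is None for NXDOMAIN."""
    name = name.lower().rstrip(".")
    zone = find_zone(name, zones)
    if zone is None:
        return ("forwarded", external.get(name))
    # Authoritative: never forwarded, even when the record is missing.
    relative = "@" if name == zone else name[: -len(zone) - 1]
    return ("internal", zones[zone].get(relative))


if __name__ == "__main__":
    for label, zones in (("pinpoint", PINPOINT), ("full zone", FULL_ZONE)):
        for host in ("remote.mydomain.com", "www.mydomain.com"):
            print(f"{label:10} {host:22} -> {resolve(host, zones)}")
```

In this model the full-zone layout returns NXDOMAIN internally for any public name that has not been copied into the internal zone, while the single-host zone leaves every other name to external DNS.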
