I want users to be able to open a web browser and type in "email" for access to OWA while inside the network and to be able to type in "email.domain" when outside the network. This keeps it simple and easy to remember and I hope it can be accomplished.
The actual URL for the OWA site is: https://server.domain/owa
Here is what I've done so far:
I purchased and installed an SSL certificate for common name "email.domain".
I configured IIS HTTP Redirect to https://email.domain
I configured IIS Default Web Site HTTP Redirect to /owa.
I added an INTERNAL DNS Alias (CNAME) entry that resolves "email" to "server.domain.local".
I added a PUBLIC DNS Host (A) entry that resolves "email.domain" to IP 126.96.36.199 (the external IP address of the IIS server).
In IIS, I configured Site Bindings for the Default Web Site to use the public SSL certificate for "All Unassigned IP Address" and Port 443.
External access works great. It is secure and everything redirects as it is supposed to, but internal access does not work. When I try URL "http://email" I get an error that it is not found. I can use the address "https://email/owa" to access it, but it is not secured. I receive a certificate error "Mismatched Address" because the SSL certificate is valid for the public address, not the private address.
Can someone tell me what I need to do?!
I attached some screenshot images that might help.