QuadXT
asked on
Exchange 2007 OWA (External)
Hi All,
I have a test enviroment setup running on a domain functional level of Server 2008 with an Exchange 2007 Server. Internal OWA access is working fine by entering the following url:
https://server.example.local/owa
I have the following domain registered:
example.co.uk
I currently have a MX record and the associated host A record out on the internet pointing to the public IP address of my router.
I have setup a self signed SSL which concides with the URL which will be used to access the Exchange server externally. The following command was run:
New-ExchangeCertificate -DomainController DC1.example.local -DomainName webmail.example.co.uk -FriendlyName "Microsoft Exchange" -KeySize 1024 -PrivateKeyExportable $true
I am now able to see the certificate via IIS and I have set the default site to bind with the newly created certificate rather then the default one created with the installation of the exchange server.
I have setup my firewall to forward port 443 requests through to the internal address of my CAS.
When typing the following URL to access the OWA page externally the page times out with no success:
https://webmail.example.co.uk/owa
I have tried adding the external URL on the OWA tab for the CAS configuration to no avail.
Anyone have any ideas as to why this is not working, have I missed a fundamental step required for external access? Appreciate some help & assistance.
Thanks in advance,
QuadXT
I have a test enviroment setup running on a domain functional level of Server 2008 with an Exchange 2007 Server. Internal OWA access is working fine by entering the following url:
https://server.example.local/owa
I have the following domain registered:
example.co.uk
I currently have a MX record and the associated host A record out on the internet pointing to the public IP address of my router.
I have setup a self signed SSL which concides with the URL which will be used to access the Exchange server externally. The following command was run:
New-ExchangeCertificate -DomainController DC1.example.local -DomainName webmail.example.co.uk -FriendlyName "Microsoft Exchange" -KeySize 1024 -PrivateKeyExportable $true
I am now able to see the certificate via IIS and I have set the default site to bind with the newly created certificate rather then the default one created with the installation of the exchange server.
I have setup my firewall to forward port 443 requests through to the internal address of my CAS.
When typing the following URL to access the OWA page externally the page times out with no success:
https://webmail.example.co.uk/owa
I have tried adding the external URL on the OWA tab for the CAS configuration to no avail.
Anyone have any ideas as to why this is not working, have I missed a fundamental step required for external access? Appreciate some help & assistance.
Thanks in advance,
QuadXT
ASKER
Hi Shree,
Forgot to add when attempting a ping test webmail.example.co.uk it is able to resolve the public IP address of the router.
Regards,
QuadXT
Forgot to add when attempting a ping test webmail.example.co.uk it is able to resolve the public IP address of the router.
Regards,
QuadXT
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Shreedhar,
Their are HTTPS rule matches on the logs. Just for your information I am able to send and receive emails to/from external domains without any issues. An SMTP firewall rule has also been setup to forward queries to the Exchange server.
Regards,
QuadXT
Their are HTTPS rule matches on the logs. Just for your information I am able to send and receive emails to/from external domains without any issues. An SMTP firewall rule has also been setup to forward queries to the Exchange server.
Regards,
QuadXT
ASKER
Ok this appears to be a user fault, I was attempting a connection from a laptop which in fact was using the wireless connection of the Router providing internet services for the test domain. When the request was sent for access to the external page it was emanating from a LAN address, so basically it was going out and then coming back in again, the router most likely though this was a spoof attack and dropped the packets. The assumption was that the connection was being made from the wireless dongle with a public IP address although the dongle was never on a connected state!. Apologies for my stupidity :-). I will award the points to Shreedhar for his assistance.
ASKER
User Error!
Check whether webmail.example.co.uk is resolving to the public ip of your router.
I hope this helps,
Shree