Exchange 2003 OWA - Bad Request (Invalid Hostname)

Okay, This has tormented me long enough and I still don't know why it happened.

We have a 2 server network.
Server 1: Windows 2003 Domain Controller, ISA 2006 std, IP: 192.168.1.100, 172.22.6.1
Server 2: Exchange 2003, IP: 172.22.6.2

The way network setup: INTERNET <----->  ISA/DC <-------> INTERNAL NETWORK SWITCH
I published Exchange OWA to public port 80 fine, public name "mail.mydomain.com". The Listener: listens on port 80, FBA with AD authentication

In internal DNS, I set mail.mydomain.com to point to the 192.168.1.100 so that it also displayed the Form based authentication page of Exchange.

Everything works fine, and after yesterday It started reporting problem from firefox "Invalid request (Bad Hostname)" or from IE "HTTP 400 Bad Request".

By logging the request, I can see that the http request never actually got to Exchange Server, it only request to the ISA/DC and stopped there. Details below
Log type: Web Proxy (Forward)
Status: 400 Bad Request
Rule: Allow all
Source: External (111.111.111.111)
Destination: Local Host (192.168.1.100:80)
Request: GET http://192.168.1.100/exchange 
Filter information: Req ID: 11f489f0; Compression: client=No, server=No, compress rate=0% decompress rate=0%
Protocol: http
User: anonymous

From within the company, I can actually type http://Server2/exchange and access webmail there, but this cannot be published to the internet.

Why is that ? Please assist me
LVL 1
Johnny_NguyenAsked:
Who is Participating?
 
Johnny_NguyenConnect With a Mentor Author Commented:
This is completely a ISA issue, and it only happened to port 80.
I removed the latest updates including SP1, then reinstalled them all, working fine.

This happened again in a week, I finally gave up and moved it to port 443 and it has been working well since
0
 
Shabarinath RamadasanInfrastructure ArchitectCommented:
Seems an issue with ISA.
Which version of ISA you are using?

Are you able to browse mail.mydomain.com from your desktop ?
Are you able to browse this website from ISA using mail.mydomain.com?
Also, would suggest you to view the real time logging to understand if ISA is rejecting the requests due to some issues.

Thanks
Shaba
0
 
Johnny_NguyenAuthor Commented:
I'm using ISA 2006 Standard SP1. And this isn't the first time it happened. The time logged on the ISA is real time.

From inside the network (from ISA and from other internal PCs), mail.mydomain.com cannot be browsed today, same error whereas previous I could do this (and see the form based authentication page from anywhere). Now I have to use http://server2/exchange to check webmail and it only valid for internal users.

What can be done in this case ?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Johnny_NguyenAuthor Commented:
If I change the listener to listening to port 81, and browse it http://mail.mydomain.com:81/exchange from inside or outside the network, this allows me to view the FBA login page of outlook. But as soon as I logged in, every frame shows up as bad request (Invalid hostname) again. Just like they can't work on port 80 or something.
0
 
Shreedhar EtteCommented:
Hi,

- Right Click the Exchange Virtual directory in the IIS.
- Click on properties.
- Go To Directoy Security> IP Address restrction> If any IP Address add remove them

Restart the IIS and then try to access the OWA.

Hope this helps,
Shree
0
 
v_9mhdrfCommented:
Please check whether you have set any Host Header value in Default web site.
> Right click on default Web site go to properties.
> Click on Advanced button near IP address and check whether you have set any Host Header Value in port 80.
> If yes please remove the Host Header Value from it and check for OWA again.

check out and revert back
Thanks,
Mohammed
0
 
Johnny_NguyenAuthor Commented:
Tried both without avail. Even then the Exchange Server is down, I should at least get to see the FBA authentication page via ISA, in this case absolutely NO.
0
 
Shreedhar EtteCommented:
Are you able to access the OWA locally?
0
 
v_9mhdrfCommented:
Alright please follow the kb- http://support.microsoft.com/kb/883380
Delete and recreate the Exchange related Virtual Directories and try internally first.
0
 
Johnny_NguyenAuthor Commented:
If locally I type http://server2/exchange I can access email on it without problem.
But as soon as I used the published name http://mail.mydomain.com.vn/exchange then I got the error regardless locally or remotely.
0
 
v_9mhdrfCommented:
Check whether you have any URL Scan software installed, and set the AntiVirus Exclusions.
Check for SSL should be disabled in Default website under Directory Security Settings.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.