Solved

Exchange 2007 OWA - Works internally, but not externally

Posted on 2011-02-14
15
629 Views
Last Modified: 2012-05-11
I feel like I am missing something simple.

I replaced a server running an inexpensive mail server program with a new Windows 2008 server with MS Exchange 2007.  The only thing that is not working os OWA.  I can access OWA with no problems from the network.  When I try to access it from outside, however, I get the "Page cannont be displayed" error.

I have reviewed the PIX firewall settings and we have both ports 80 and 443 open and directed to the Exchange server.  Is there something on the Exchange server that needs to be changed to permit access from off the network?

Thanks

0
Comment
Question by:tcampbell_nc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 5
  • 2
15 Comments
 
LVL 5

Expert Comment

by:LLMorrisson
ID: 34890809
Is the URL for OWA the same internally as externally, or different?

Make sure the service URLs for the outlook web app are appropriately correct on your server config, client access role.
0
 
LVL 1

Author Comment

by:tcampbell_nc
ID: 34890900
They are different.  The internal has the FDQN of the server.  The external was blank.  I filled it in with the Internet address that resolves to our webmail access.  It still does not work.  Do I need to stop Exchange and restart it for that setting to take effect?
0
 
LVL 5

Expert Comment

by:LLMorrisson
ID: 34890915
Do you used a self-signed certificate or a real one?
0
What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

 
LVL 1

Author Comment

by:tcampbell_nc
ID: 34890936
Self Signed
0
 
LVL 10

Expert Comment

by:ChopperCentury
ID: 34891709
Is the outside URL and IP address registered with the correct DNS A record through your domain registrar?
The outside facing address of your Exchange will need only port 443 permitted for outside traffic on your PIX.
The outside address with need to be NAT'd to your inside address of the Exchange Server....preferably to an Exchange 2003 Front End Server (but it is ok if you only have one server).
0
 
LVL 1

Author Comment

by:tcampbell_nc
ID: 34892005
Yes.

The outside Address is registered with an A Record.  NAT in in place on the PIX.  Only one server.
0
 
LVL 10

Expert Comment

by:ChopperCentury
ID: 34892080
Under the Authentication tab inside the properties of owa....check the box for Basic Authentication
0
 
LVL 1

Author Comment

by:tcampbell_nc
ID: 34892111
Not getting to an authentication screen.
0
 
LVL 10

Expert Comment

by:ChopperCentury
ID: 34892140
From the outside....if you ping https://webmail.me.com (your information), does it resolve to the outside ip address you have NAT'd to the Exchange server?
If Yes, is your External URL configuration in owa properties set to https://webmail.me.com/owa?

0
 
LVL 1

Author Comment

by:tcampbell_nc
ID: 34892199
Yes for the ping.

Sort of for the External url setting.  It was empty.  Now it is correct, but I have not had a chance to restart the server yet.  Does that setting require a restart?
0
 
LVL 10

Expert Comment

by:ChopperCentury
ID: 34892261
Exchange 2010 will prompt you if you need to restart the server or IIS after changes are made. If you received no prompt then you should be good.
0
 
LVL 1

Author Comment

by:tcampbell_nc
ID: 34892333
I have Exchange 2007


Just restarted the server.  No change.
0
 
LVL 10

Accepted Solution

by:
ChopperCentury earned 500 total points
ID: 34892388
You might try a port scanner on the outside ip address to make sure you are able to get to port 443 on the exchange server.
0
 
LVL 1

Author Comment

by:tcampbell_nc
ID: 34894071
Chopper,

You may have just solved my problem.  The port scanner showed that port 443 was not responding.  A much closer look at my PIX firewall config showed a typo on the Permit for https.  There is a 168 instead of a 169 in the outside IP address.  

I'll be back on site tomorrow to see if this was my problem.
0
 
LVL 1

Author Closing Comment

by:tcampbell_nc
ID: 34898542
OWA is functioning now.  I located a typo in the PIX firewall after confirming there was no port 443 access to the server.

Thanks
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses
Course of the Month5 days, 19 hours left to enroll

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question