OWA not functioning on new server

I am using Exchange 2003 in Windows 2003 Server standard with a Cisco PIX firewall.

I am migrating Exchange 2003 servers.  I believe I have cloned the setup from the old server to the new one.  I have moved all the mailboxes, and I have the internal Outlook clients and external Pop3/SMTP clients sending and receiving email.  

However I cannot get OWA to work.  If I go to https://Server.domain.com from an external computer, I get the IIS under construction message, which makes me believe that the port forwarding is correct.  But if I go to https://Server.domain.com/exchange/mailboxname I get "Internet explorer cannot display the webpage".  Sometimes when I first type the complete URL it asks me to authenticate before giving me the "Internet explorer cannot display the webpage" error message.

If I use OWA on an internal client with either the internal IP address or internal FQDN, OWA works, but with a certificate error because the servernames do not match, but it has all functionality and can send and receive email.

This makes me think that the clients from outside the building are not being authenticated correctly.

RPC over HTTP seems to be working, which makes me think all the port forwarding is correct and it is an authentication problem.

Any ideas on what I should check?  The client is wanting his email working.

Thanks Jeff
dabassguy1 (Author) Commented:
Comparing the IIS metabase between the old server and the new server, the AuthFlags parameter was 6 on the new server and 2 on the old.  A change of AuthFlags and now OWA is working like a champ.

The active sync stuff is a different matter tho, but this was an OWA question.
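
Added example, not part of the original thread: AuthFlags is a bitmask in the IIS 6 metabase, so 2 means Basic only and 6 means Basic plus Integrated Windows (NTLM). The sketch below decodes the values and diffs two servers; the metabase paths in the sample data are assumptions, since the thread does not say which node was changed.

```python
# Added example: decode IIS 6 AuthFlags bitmasks and diff two servers.
AUTH_BITS = {
    0x01: "AuthAnonymous",
    0x02: "AuthBasic",
    0x04: "AuthNTLM",      # Integrated Windows authentication
    0x10: "AuthMD5",       # Digest authentication
    0x40: "AuthPassport",
}
KNOWN_MASK = sum(AUTH_BITS)  # 0x57, every bit defined above

def decode_authflags(value):
    """Return the names of the authentication schemes enabled in an AuthFlags value."""
    names = [name for bit, name in sorted(AUTH_BITS.items()) if value & bit]
    if value & ~KNOWN_MASK:
        names.append("unknown(0x%x)" % (value & ~KNOWN_MASK))
    return names

def diff_authflags(old, new):
    """Compare {metabase_path: AuthFlags} maps; return only the paths that differ."""
    report = {}
    for path in sorted(set(old) | set(new)):
        if old.get(path) != new.get(path):
            report[path] = tuple(
                decode_authflags(srv[path]) if path in srv else None
                for srv in (old, new)
            )
    return report

# Constructed sample values. The paths are assumptions; the thread only
# gives the numbers 2 (old server) and 6 (new server).
OLD_SERVER = {"W3SVC/1/ROOT/Exchange": 2, "W3SVC/1/ROOT/Public": 6}
NEW_SERVER = {"W3SVC/1/ROOT/Exchange": 6, "W3SVC/1/ROOT/Public": 6}

if __name__ == "__main__":
    for path, (old, new) in diff_authflags(OLD_SERVER, NEW_SERVER).items():
        print(path, "old:", old, "new:", new)
```

With only AuthBasic set, credentials cross the wire base64-encoded, so a virtual directory configured that way should be reachable over SSL only.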
Glen Knight Commented:
Have you redirected port 443 to the new servers IP instead of the old one?

From the server itself if you browse to https://localhost/exchange what do you get?

Have you moved all the mailboxes?
dabassguy1 (Author) Commented:
Thank you for your quick response.

I have redirected the port to the new server instead of the old one.

I have moved all the mailboxes.

I have been working on this by RDP and that server just quit accepting my RDP client, so I cannot try the localhost exchange thing til I go in in the morning it looks like.  It's working as the exchange server, and I can access it with a remote computer management to look at the event logs, but it will not accept my RDP session.

Guess I have to shelve this until tomorrow.

dabassguy1 (Author) Commented:
There was a NIC card driver issue that caused the lack of RDP, which has been fixed.  

But this situation is the same,

I get the same thing when I browse to https://localhost/exchange.  It comes up and gives  me a certificate error and then I get the "Internet explorer cannot display the webpage" message.

Since Rpc Over Http is working that means the SSL stuff has to be working as well.

When I take a browser to the external interface for the first time, it gives me the OWA login, and after entering valid login information the "cannot display the webpage" message comes up.  Any attempts to access the OWA server again in that session immediately get the "cannot display" message.

Glen Knight Commented:
Do you have multiple NICs? If so then this is not a supported configuration and you will need to bind the IIS services to a single IP which is also unsupported.
dabassguy1 (Author) Commented:
There are two NICs in the machine, but one is disabled.

Is IIS binding still required?  How does one do that?

dabassguy1 (Author) Commented:
More info.

I have perused the IIS logs and found that the logins are failing (401) in the logs for the OWA logins that come from outside the building.

The successful OWA logins that come from inside start with an unsuccessful login (401) with a re-direct (302), another failure (401) and then a success.  Both the re-direct (302) and the successful login (200) have the DOMAIN\User in the log line and the failures do not.

Any suggestions?
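
Added example, not part of the original thread: the log pattern described in this comment, checked per client IP over W3C extended log lines. The sample log is constructed (addresses, timestamps and field order are assumptions); a client that only ever collects 401s with no user name is reported as never authenticated.

```python
from collections import defaultdict

# Constructed sample in W3C extended format, mirroring the pattern described above.
SAMPLE_LOG = r"""
#Fields: date time c-ip cs-username cs-method cs-uri-stem sc-status
2009-01-01 09:00:01 10.0.0.25 - GET /exchange/mailboxname 401
2009-01-01 09:00:01 10.0.0.25 DOMAIN\User GET /exchange/mailboxname 302
2009-01-01 09:00:02 10.0.0.25 - GET /exchange/mailboxname/ 401
2009-01-01 09:00:02 10.0.0.25 DOMAIN\User GET /exchange/mailboxname/ 200
2009-01-01 09:05:10 203.0.113.7 - GET /exchange/mailboxname 401
2009-01-01 09:05:14 203.0.113.7 - GET /exchange/mailboxname 401
"""

def parse_w3c(text):
    """Yield one dict per request, using the #Fields directive as the column map."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            parts = line.split()
            if len(parts) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, parts))

def auth_outcome_by_client(text, prefix="/exchange"):
    """Map client IP -> (verdict, count of 401s, user names seen on 200/302)."""
    stats = defaultdict(lambda: {"n401": 0, "users": set()})
    for row in parse_w3c(text):
        if not row["cs-uri-stem"].lower().startswith(prefix):
            continue
        client = stats[row["c-ip"]]
        if row["sc-status"] == "401":
            client["n401"] += 1
        elif row["sc-status"] in ("200", "302") and row["cs-username"] != "-":
            client["users"].add(row["cs-username"])
    result = {}
    for ip, c in stats.items():
        if c["users"]:
            verdict = "authenticated"
        elif c["n401"]:
            verdict = "never-authenticated"
        else:
            verdict = "no-auth-seen"
        result[ip] = (verdict, c["n401"], sorted(c["users"]))
    return result

if __name__ == "__main__":
    for ip, outcome in sorted(auth_outcome_by_client(SAMPLE_LOG).items()):
        print(ip, outcome)
```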
dabassguy1 (Author) Commented:
If I enable FBA on the exchange server, and log in with DOMAIN/USER, OWA works.  We can't use FBA cause of the Outlook mobile stuff, but I thought I would try.

When turning off FBA and re-booting, we are back to OWA not working.  

The mobile stuff never works.
dabassguy1 (Author) Commented:
Decided to go poking around in Metabase explorer due to lack of responses and stumbled on the parameter that made it work.
Question has a verified solution.