?
Solved

EXCHange 2010 Access from outlook using rpc over http failing

Posted on 2011-03-08
6
Medium Priority
?
862 Views
Last Modified: 2012-05-11
I am having several problems trying to connect outlook clients directly over the internet.
Also, I can't ping my external address from inside my firewall.

What I have is my internal exchange server exch.wot.local with and internal ip xxx.xxx.xxx.212

My external address is post.wot2.com which uses NAT to point to the internal IP

I have port 25 coming in and routed through a spam filter
Other ports such as 80 443 110 220 143 I have open pointed directly to internal exch server.

I have installed certificates from godaddy using the external name however I get a warning when running testexchange tool:
"The test passed with some warnings encountered. Please expand the additional details.
   Additional Details
  ExRCA can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled. "

When running the test-outlookwebservices it passes on on the internal exch.wot.local
but fails on all the post.wot2.com address.

dns issue? firewall?
Outlook web access works as does POP3, Iphones and droids. Only outlook is giving me grief.

Thanks for all the help.
dave
 

0
Comment
Question by:DaveN6TEB
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 35076043
Can you check for your domain with the below link
https://www.testexchangeconnectivity.com/
0
 

Author Comment

by:DaveN6TEB
ID: 35077807
This is what i get,

Testing RPC/HTTP connectivity.
 The RPC/HTTP test completed successfully.
 Test Steps
 Attempting to resolve the host name post.wotm2.com in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 108.23.121.20

Testing TCP port 443 on host post.wotm2.com to ensure it's listening and open.
 The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
 The certificate passed all validation requirements.
 Test Steps
 Validating the certificate name.
 The certificate name was validated successfully.
 Additional Details
 Host name post.wotm2.com was found in the Certificate Subject Common name.

Certificate trust is being validated.
 The test passed with some warnings encountered. Please expand the additional details.
 Additional Details
 ExRCA can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.

Testing the certificate date to confirm the certificate is valid.
 Date validation passed. The certificate hasn't expired.
 Additional Details
 The certificate is valid. NotBefore = 12/14/2010 3:47:31 PM, NotAfter = 12/14/2011 3:47:31 PM



Checking the IIS configuration for client certificate authentication.
 Client certificate authentication wasn't detected.
 Additional Details
 Accept/Require Client Certificates isn't configured.

Testing HTTP Authentication Methods for URL https://post.wotm2.com/rpc/rpcproxy.dll.
 The HTTP authentication methods are correct.
 Additional Details
 ExRCA found all expected authentication methods and no disallowed methods. Methods found: Negotiate, NTLM

Testing SSL mutual authentication with the RPC proxy server.
 Mutual authentication was verified successfully.
 Additional Details
 Certificate common name post.wotm2.com matches msstd:post.wotm2.com.

Attempting to ping RPC proxy post.wotm2.com.
 RPC Proxy was pinged successfully.
 Additional Details
 Completed with HTTP status 200 - OK

Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server exch.wotm.local.
 The endpoint was pinged successfully.
 Additional Details
 RPC Status Ok (0) returned in 184 ms.

Testing the Name Service Provider Interface (NSPI) on the Exchange Mailbox server.
 The NSPI interface was tested successfully.
 Test Steps
 Attempting to ping RPC endpoint 6004 (NSPI Proxy Interface) on server exch.wotm.local.
 The endpoint was pinged successfully.
 Additional Details
 RPC Status Ok (0) returned in 247 ms.

Testing NSPI "Check Name" for user Dave@livingwaters.com against server exch.wotm.local.
 Check Name succeeded.
 Additional Details
 DisplayName: David Glenn, LegDN: /o=WOTM/ou=first administrative group/cn=Recipients/cn=dglenn



Testing the Referral service on the Exchange Mailbox server.
 The Referral service was tested successfully.
 Test Steps
 Attempting to ping RPC endpoint 6002 (Referral Interface) on server exch.wotm.local.
 The endpoint was pinged successfully.
 Additional Details
 RPC Status Ok (0) returned in 247 ms.

Attempting to perform referral for user /o=WOTM/ou=first administrative group/cn=Recipients/cn=dglenn on server exch.wotm.local.
 ExRCA successfully got the referral.
 Additional Details
 The server returned by the Referral service: EXCH.wotm.local



Testing the Exchange Information Store on the Mailbox server.
 ExRCA successfully tested the Information Store.
 Test Steps
 Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server exch.wotm.local.
 The endpoint was pinged successfully.
 Additional Details
 RPC Status Ok (0) returned in 247 ms.

Attempting to log on to the Exchange Information Store.
 ExRCA successfully logged on to the Information Store.
0
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 35077870
What error do you get when trying to connect using outlook.
0
What Is Blockchain Technology?

Blockchain is a technology that underpins the success of Bitcoin and other digital currencies, but it has uses far beyond finance. Learn how blockchain works and why it is proving disruptive to other areas of IT.

 

Author Comment

by:DaveN6TEB
ID: 35079451
Well, This is interesting. Testing from home tonight using Outlook 2007 I was able to get it to work.
I think what I did different was I entered the internal address on the first configuration screen, then used the external address in the proxy settings.
I have been struggling with this for days with no sucess.
I will try the outlook 2003 remote clients tomorrow.

Thanks,
Dave
0
 
LVL 23

Accepted Solution

by:
Malli Boppe earned 2000 total points
ID: 35079484
In the Microsoft exchange server field you should be using your exchange server. and in the exchang eproxy settings you should be using webmail.domain.com
0
 

Author Closing Comment

by:DaveN6TEB
ID: 35083360
I thought I had tried this but it was probably early on. Thanks for making it clear.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
This article describes how to import Lotus Notes Contacts into Outlook 2016, 2013, 2010 and 2007 etc. with a few manual steps. You can easily export and migrate Lotus Notes contacts into Microsoft Outlook without having to use any third party tools.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…
Suggested Courses
Course of the Month12 days, 9 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question