Solved

EXCHange 2010 Access from outlook using rpc over http failing

Posted on 2011-03-08
6
847 Views
Last Modified: 2012-05-11
I am having several problems trying to connect outlook clients directly over the internet.
Also, I can't ping my external address from inside my firewall.

What I have is my internal exchange server exch.wot.local with and internal ip xxx.xxx.xxx.212

My external address is post.wot2.com which uses NAT to point to the internal IP

I have port 25 coming in and routed through a spam filter
Other ports such as 80 443 110 220 143 I have open pointed directly to internal exch server.

I have installed certificates from godaddy using the external name however I get a warning when running testexchange tool:
"The test passed with some warnings encountered. Please expand the additional details.
   Additional Details
  ExRCA can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled. "

When running the test-outlookwebservices it passes on on the internal exch.wot.local
but fails on all the post.wot2.com address.

dns issue? firewall?
Outlook web access works as does POP3, Iphones and droids. Only outlook is giving me grief.

Thanks for all the help.
dave
 

0
Comment
Question by:DaveN6TEB
  • 3
  • 3
6 Comments
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 35076043
Can you check for your domain with the below link
https://www.testexchangeconnectivity.com/
0
 

Author Comment

by:DaveN6TEB
ID: 35077807
This is what i get,

Testing RPC/HTTP connectivity.
 The RPC/HTTP test completed successfully.
 Test Steps
 Attempting to resolve the host name post.wotm2.com in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 108.23.121.20

Testing TCP port 443 on host post.wotm2.com to ensure it's listening and open.
 The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
 The certificate passed all validation requirements.
 Test Steps
 Validating the certificate name.
 The certificate name was validated successfully.
 Additional Details
 Host name post.wotm2.com was found in the Certificate Subject Common name.

Certificate trust is being validated.
 The test passed with some warnings encountered. Please expand the additional details.
 Additional Details
 ExRCA can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.

Testing the certificate date to confirm the certificate is valid.
 Date validation passed. The certificate hasn't expired.
 Additional Details
 The certificate is valid. NotBefore = 12/14/2010 3:47:31 PM, NotAfter = 12/14/2011 3:47:31 PM



Checking the IIS configuration for client certificate authentication.
 Client certificate authentication wasn't detected.
 Additional Details
 Accept/Require Client Certificates isn't configured.

Testing HTTP Authentication Methods for URL https://post.wotm2.com/rpc/rpcproxy.dll.
 The HTTP authentication methods are correct.
 Additional Details
 ExRCA found all expected authentication methods and no disallowed methods. Methods found: Negotiate, NTLM

Testing SSL mutual authentication with the RPC proxy server.
 Mutual authentication was verified successfully.
 Additional Details
 Certificate common name post.wotm2.com matches msstd:post.wotm2.com.

Attempting to ping RPC proxy post.wotm2.com.
 RPC Proxy was pinged successfully.
 Additional Details
 Completed with HTTP status 200 - OK

Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server exch.wotm.local.
 The endpoint was pinged successfully.
 Additional Details
 RPC Status Ok (0) returned in 184 ms.

Testing the Name Service Provider Interface (NSPI) on the Exchange Mailbox server.
 The NSPI interface was tested successfully.
 Test Steps
 Attempting to ping RPC endpoint 6004 (NSPI Proxy Interface) on server exch.wotm.local.
 The endpoint was pinged successfully.
 Additional Details
 RPC Status Ok (0) returned in 247 ms.

Testing NSPI "Check Name" for user Dave@livingwaters.com against server exch.wotm.local.
 Check Name succeeded.
 Additional Details
 DisplayName: David Glenn, LegDN: /o=WOTM/ou=first administrative group/cn=Recipients/cn=dglenn



Testing the Referral service on the Exchange Mailbox server.
 The Referral service was tested successfully.
 Test Steps
 Attempting to ping RPC endpoint 6002 (Referral Interface) on server exch.wotm.local.
 The endpoint was pinged successfully.
 Additional Details
 RPC Status Ok (0) returned in 247 ms.

Attempting to perform referral for user /o=WOTM/ou=first administrative group/cn=Recipients/cn=dglenn on server exch.wotm.local.
 ExRCA successfully got the referral.
 Additional Details
 The server returned by the Referral service: EXCH.wotm.local



Testing the Exchange Information Store on the Mailbox server.
 ExRCA successfully tested the Information Store.
 Test Steps
 Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server exch.wotm.local.
 The endpoint was pinged successfully.
 Additional Details
 RPC Status Ok (0) returned in 247 ms.

Attempting to log on to the Exchange Information Store.
 ExRCA successfully logged on to the Information Store.
0
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 35077870
What error do you get when trying to connect using outlook.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:DaveN6TEB
ID: 35079451
Well, This is interesting. Testing from home tonight using Outlook 2007 I was able to get it to work.
I think what I did different was I entered the internal address on the first configuration screen, then used the external address in the proxy settings.
I have been struggling with this for days with no sucess.
I will try the outlook 2003 remote clients tomorrow.

Thanks,
Dave
0
 
LVL 23

Accepted Solution

by:
Malli Boppe earned 500 total points
ID: 35079484
In the Microsoft exchange server field you should be using your exchange server. and in the exchang eproxy settings you should be using webmail.domain.com
0
 

Author Closing Comment

by:DaveN6TEB
ID: 35083360
I thought I had tried this but it was probably early on. Thanks for making it clear.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question