Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

EXCHange 2010 Access from outlook using rpc over http failing

Posted on 2011-03-08
6
Medium Priority
?
870 Views
Last Modified: 2012-05-11
I am having several problems trying to connect outlook clients directly over the internet.
Also, I can't ping my external address from inside my firewall.

What I have is my internal exchange server exch.wot.local with and internal ip xxx.xxx.xxx.212

My external address is post.wot2.com which uses NAT to point to the internal IP

I have port 25 coming in and routed through a spam filter
Other ports such as 80 443 110 220 143 I have open pointed directly to internal exch server.

I have installed certificates from godaddy using the external name however I get a warning when running testexchange tool:
"The test passed with some warnings encountered. Please expand the additional details.
   Additional Details
  ExRCA can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled. "

When running the test-outlookwebservices it passes on on the internal exch.wot.local
but fails on all the post.wot2.com address.

dns issue? firewall?
Outlook web access works as does POP3, Iphones and droids. Only outlook is giving me grief.

Thanks for all the help.
dave
 

0
Comment
Question by:DaveN6TEB
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 35076043
Can you check for your domain with the below link
https://www.testexchangeconnectivity.com/
0
 

Author Comment

by:DaveN6TEB
ID: 35077807
This is what i get,

Testing RPC/HTTP connectivity.
 The RPC/HTTP test completed successfully.
 Test Steps
 Attempting to resolve the host name post.wotm2.com in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 108.23.121.20

Testing TCP port 443 on host post.wotm2.com to ensure it's listening and open.
 The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
 The certificate passed all validation requirements.
 Test Steps
 Validating the certificate name.
 The certificate name was validated successfully.
 Additional Details
 Host name post.wotm2.com was found in the Certificate Subject Common name.

Certificate trust is being validated.
 The test passed with some warnings encountered. Please expand the additional details.
 Additional Details
 ExRCA can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.

Testing the certificate date to confirm the certificate is valid.
 Date validation passed. The certificate hasn't expired.
 Additional Details
 The certificate is valid. NotBefore = 12/14/2010 3:47:31 PM, NotAfter = 12/14/2011 3:47:31 PM



Checking the IIS configuration for client certificate authentication.
 Client certificate authentication wasn't detected.
 Additional Details
 Accept/Require Client Certificates isn't configured.

Testing HTTP Authentication Methods for URL https://post.wotm2.com/rpc/rpcproxy.dll.
 The HTTP authentication methods are correct.
 Additional Details
 ExRCA found all expected authentication methods and no disallowed methods. Methods found: Negotiate, NTLM

Testing SSL mutual authentication with the RPC proxy server.
 Mutual authentication was verified successfully.
 Additional Details
 Certificate common name post.wotm2.com matches msstd:post.wotm2.com.

Attempting to ping RPC proxy post.wotm2.com.
 RPC Proxy was pinged successfully.
 Additional Details
 Completed with HTTP status 200 - OK

Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server exch.wotm.local.
 The endpoint was pinged successfully.
 Additional Details
 RPC Status Ok (0) returned in 184 ms.

Testing the Name Service Provider Interface (NSPI) on the Exchange Mailbox server.
 The NSPI interface was tested successfully.
 Test Steps
 Attempting to ping RPC endpoint 6004 (NSPI Proxy Interface) on server exch.wotm.local.
 The endpoint was pinged successfully.
 Additional Details
 RPC Status Ok (0) returned in 247 ms.

Testing NSPI "Check Name" for user Dave@livingwaters.com against server exch.wotm.local.
 Check Name succeeded.
 Additional Details
 DisplayName: David Glenn, LegDN: /o=WOTM/ou=first administrative group/cn=Recipients/cn=dglenn



Testing the Referral service on the Exchange Mailbox server.
 The Referral service was tested successfully.
 Test Steps
 Attempting to ping RPC endpoint 6002 (Referral Interface) on server exch.wotm.local.
 The endpoint was pinged successfully.
 Additional Details
 RPC Status Ok (0) returned in 247 ms.

Attempting to perform referral for user /o=WOTM/ou=first administrative group/cn=Recipients/cn=dglenn on server exch.wotm.local.
 ExRCA successfully got the referral.
 Additional Details
 The server returned by the Referral service: EXCH.wotm.local



Testing the Exchange Information Store on the Mailbox server.
 ExRCA successfully tested the Information Store.
 Test Steps
 Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server exch.wotm.local.
 The endpoint was pinged successfully.
 Additional Details
 RPC Status Ok (0) returned in 247 ms.

Attempting to log on to the Exchange Information Store.
 ExRCA successfully logged on to the Information Store.
0
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 35077870
What error do you get when trying to connect using outlook.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:DaveN6TEB
ID: 35079451
Well, This is interesting. Testing from home tonight using Outlook 2007 I was able to get it to work.
I think what I did different was I entered the internal address on the first configuration screen, then used the external address in the proxy settings.
I have been struggling with this for days with no sucess.
I will try the outlook 2003 remote clients tomorrow.

Thanks,
Dave
0
 
LVL 23

Accepted Solution

by:
Malli Boppe earned 2000 total points
ID: 35079484
In the Microsoft exchange server field you should be using your exchange server. and in the exchang eproxy settings you should be using webmail.domain.com
0
 

Author Closing Comment

by:DaveN6TEB
ID: 35083360
I thought I had tried this but it was probably early on. Thanks for making it clear.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question