OWA not working internally or externally on 2003 SBS

Hi All,

I have inherited the running of an old 2003 SBS server which was just being used as a domain controller and file server while domain clients accessed email via an externally hosted exchange service.

While trying to offer my client a better and cheaper option than paying for hosted Exchange I offered to set up their SBS server to host email instead.  I've requested an SSL cert on the server and the cert is currently going through authorisation process with GoDaddy.

In the meantime I've created an external DNS record of owa.domain.co.uk and pointed it to the external IP address of the server and opened ports 25 and 443 on the firewall and forwarded them to the internal IP of the server.

Unfortunately I can't seem to get any joy accessing OWA either from the server or even get a ping response to owa.domain.co.uk from outside (ping resolves to the correct IP but does not give a response)

I've checked the firewall and all is fine there so think it's down to something wrong in the server/IIS.

I can't access owa using servername/exchange or IP address/exchange internally.

Would really appreciate some guidance.

Many thanks

Adam
amlydiateAsked:
Who is Participating?
 
computerdoctorserviceCommented:
You can get this working without the certificate, then add the certificate later.
You should check, if you open port 25, that you are not opening the machine up for relay abuse - go to http://www.abuse.net/relay.html and check this first.
If you are using SBS Premium you might be better not to use ISA server as this makes the job more complex, although it still can be done.
Update the machine to latest SP and Windows Updates, including SPs for Exchange.
You will need to get your router to allow a ping response.  The server will not do this as a matter of course.
You are right to start with an internal connection.  Make sure you are using https://servername/exchange, that IIS is running and Exchange is installed correctly (i.e. set up an outlook client that can work first).
Let us know how it goes once all the updates and SPs are done.
0
 
SaadAhmedFarooquiCommented:
Have you configured the exchnage server correctly, I mean are you able to connect to the mailboxes via outlook.

When you open the webmail internally do you get any errors?

As for the ping, ICMP packets ar blocked by the forewall so you don't have to worry about it. If you ant to check the services via name you can telnet the server using the following commands:

SMTP :  Telnet your-server-name 25
HTTPS:  Telnet your-server-name 443
0
 
PerarduaadastraCommented:
I take it that email between Exchange and the Outlook clients is working OK?

To get Exchange running did you simply enable the relevant services, or did you have to install the Exchange portion of SBS?
0
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

 
Binish007Commented:
Hi Adam

I am replying to this question since it seems the query is still open.

Could you please confirm port 443 (HTTPS), 80 (HTTP) and Port 25 (SMTP) are open in your LAN Firewall and any other firewall within your Antivirus or similar software installed in the server.

Please try to get owa using http://servername/exchange
If this fails please make sure your IIS Service is started. And if you have OWA screen available for http please check the binding for https

IIS > Website > Default Web site > Exchange
Take Properties of Exchange and Select Directory Security from Exchange Properties Window. Uncheck Require Secure Channel (SSL) from Server communication window for now to check the functionality for Exchange OWA. Once you have SSL certificate available from GoDaddy you can enable this  option for https communication

Many Thanks
Binish Varghese
0
 
computerdoctorserviceCommented:
The query is still open because presumably Adam is still working on it.
0
 
itubafCommented:
Dear Adam,

i would suggest yuo to troubleshoot Inetrnal issue first than External.

1) make sure your internal owa is working if suceed ok, if not and you have modifid some changes recently try reintall owa.

2) after sucessful login from internal do following on your firewall.

1) create one rule from external to internal alowing HTTPS (443)
2) create nat.
3) allowing

if you fails please let me know firewall make and model, now a days all good quality firewalls come with wizard. if your firewall support wizard try to use.
0
 
amlydiateAuthor Commented:
OK Thanks everyone, I installed all missing updates to Exchange and I've removed SSL from the Default Website and I can now run OWA internally, however I still can't get the website up from outside, however I can now at least get a response from a ping to owa.domain.co.uk which I couldn't get before. However going to http://owa.domain.co.uk/exchange still gets a response of "Internet Explorer Cannot Display the Webpage"
0
 
computerdoctorserviceCommented:
You should reinstate SSL and see if this works, because unless you want to run unsecure, this should be sorted first internally.
0
 
computerdoctorserviceCommented:
The next step is that the default web site must be published through the firewall.  Depending on what you are using you must set up a server publishing rule on port 80 or port 443 (if you use unsecure or ssl).  This must point to the ip address of the server.
If you use ISA server this needs more details ... i.e. the name of the web site as it appears to the internet.
0
 
amlydiateAuthor Commented:
Thanks guys, was a combination of things, I ran all the updates for Exchange, removed SSL from the site, and (most importantly) enabled port 80 on the firewall (I just had 443 open at the time)

Thanks everyone for your help

Adam
0
 
Binish007Commented:
Hi Adam

Please check the IP Address and Domain name restriction is set to 'All Computers will be granted' or specify your IP Address in Granted Access List. Also have a look at the authentication method for the virtual directory 'Exchange' to integrated authentication and windows authentication. Also Uncheck anonymous authentication.

Please don't forget to mark if my previous comment was helpful.

Many Thanks
Binish
0
 
computerdoctorserviceCommented:
DO check the relay test ... reduces spam and saves your server from the baddies ...
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.