[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 591
  • Last Modified:

Exchange 2003 Webmail not showing

Have a smb 2003 server with exchange, sonicwall tz170 firewall.  At some time last week lost connectivity to the webmail.  will not show on server or remotely.  tried restarting the serivces for exchange on IIS did not work.  firewall rule for this server has not changed.  when connecting to webmail certificate warning "There is a problem with this websites certificate" I press continue and get Internet explorer cannot display the webpage.  If I leave off the /exchange on the url.....ie....https:\\mail.mycompany.com\ it gets to the sonicwall Tz170 firewall login prompt.  I have recently been asked to diagnose this issue and the server is new to me. I see an old cert was issued but expired back in 2009....so I do not know if the cert prompt has anything to do with the webmail issue as all was working for months.  email is working. have symatec brightmail message filter and endpoint protection installed. Please advise if anyone has a resolution.
0
ajc2c
Asked:
ajc2c
  • 3
  • 2
  • 2
  • +1
1 Solution
 
The_KirschiCommented:
To me it seems that the sonicwall is intercepting the traffic somehow. Seems that is listens on port 443 and does not forward the port to the OWA. Strange is that the OWA also does not work on the server. The 2009 certificate may also be from the sonicwall. Can you check who issued the certificate?
0
 
rpartingtonCommented:
Take the sonic wall out of the equation by starting from the easiest solution to fix first.
Forget connecting from externally
Ie check why you cant connect internally 1st.

depending on ySSL ie selected or not as a requirement internally check the below from a pc connected internally and joined to the domain.

https://servers_IP/exchange
or if ssl not required
http://servers_IP/exchange

Work from here onwards, you may need to issue another cert for the server which is simple enough. you can either issue one internally if you have an internal cert server to issue one, this wont be trusted externally but its usually the quickest to troubleshoot as you can issue it yourself quickly.
If you go for one of the external Free 30/60/90 day free trials from the likes of comodo or godaddy etc you have to wait for them to authenticate that you own the external domain name your using 1st before they will issue the cert, this isnt normally an issue BUT if your in a rush it can be a pain.

But forget getting to it externally 1st test it internally as I say you may have to issue a new cert to trouble shoot this
0
 
ajc2cAuthor Commented:
Good sugestions! I can get in internally and remote by using the ip address in the format https:\\public ip\exchange.....I can not get in using https:\\webmail.mycompany.com\exchange any thoughts on that?
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
MegaNuk3Commented:
And I take it that webmail is in your DNS pointing at your public IP?
0
 
ajc2cAuthor Commented:
yes. checked it over a couple of times and verified it is pointed to correct ip address....that is also the firewall ip address....it then process a rule on firewall that redirects port 443 to the internal email address of the exchange webmail.......IIS is running and I see the ports open for 80, 443 for webmail. is there somewhere on IIS that resolves the name as well?
0
 
MegaNuk3Commented:
Good point, look at the properties of the web site in IIS, in particular where you see the IP address it is running on and see if you can see a 'Host header' value.
0
 
rpartingtonCommented:
When you say you cant get to it via
https:\\webmail.mycompany.com\exchange
What is the error message you get. If its just the this certificate is not trusted thats normal but judging by the fact you said you can get it via the ip address I guess you know that as you should have got that same message using the ip.
So what error do you actually get via the correct IP

also what happens if you try as a test
https:\\mycompany.com\exchange
https:\\webmail.mycompany.com
http:\\mycompany.com\exchange
http:\\webmail.mycompany.com
0
 
rpartingtonCommented:
Also you are trying the public dns via a pc that is NOT on the INTERNAL domain.
Ie not sat internally and trying to resolve your public DNS from within the internal domain.
I normally use logmein to remote out of the domain and then remote back in from a remote pc.

also you can check via

https://www.testexchangeconnectivity.com/
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

  • 3
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now