Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

ISA Server and Webmail

Posted on 2011-09-12
16
470 Views
Last Modified: 2012-05-12
Morning all,
                   Having a little trouble with a client, they have changed the external IP with an ISP change. after the change the Webmail has stopped working. I have re routed 443/25/80 to the Exchange server and mail is still flowing.

They have an ISA Server

ISA Management
Microsoft Corporation
Version: 3.0.1200.365

Could this be adding any restriction to the incomming traffice, if so were do i need to begin to look?

Many thanks,
0
Comment
Question by:ncomper
16 Comments
 
LVL 11

Expert Comment

by:Sanjay Santoki
ID: 36521580
Hello,

Please be sure you have modified OWA publishing rule on ISA server. Also there may be issue with the name resolution so ISA is not forwarding query to appropriate server.

Thanks,
Sanjay Santoki
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36522201
>>I have re routed 443/25/80 to the Exchange server and mail is still flowing.

how do you did that please?


do you changed the web listener on OWA publish rule to listen in the new ip address ? also please click on test rule .... any errors ?
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 36522238
Agreed with the above, most likely the listener is not configured on the correct IP.
A very good tool to help is troubleshoot this specific problem is
https://www.testexchangeconnectivity.com
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 5

Author Comment

by:ncomper
ID: 36534501
Thanks for all the comments.

I need to confirm that 443 and 80 are hitting the server what's the best way to do this.

Also when connecting internally to localhost/exchange it seems to resolve the webmail and opens using the external address mailhost.domain.co.uk/exchweb. Is this a DNS issue what might be contributing.

Thanks
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 36534842
Best way to check for port 80 and 443 usage is:

1. Check the IIS logs on your exchange server.
Logging could be disabled so you may need to enable it first, then test connectivity and review the logs.
In IIS,
right-click the "default website"
click properties
On the "web site" tab near the bottom, check if "enable logging" is enabled.
Click properties to find the location of the log files, typically that location is c:\windows\system32\logfiles\w3svc1
Files are then appended with the current date.
e.g. exYYMMDD, ex110914.log

2. Check the live monitoring in ISA.
Open ISA management console
Click the monitoring options
Click the Logging tab
Default setting is usually
Log Record type = firewall or web proxy
Log time = Live
Click Start Query and the test and review the incoming and outgoing traffic.
In the results screen, move the slider to the right to see more details per line event.
Look for results under the protocol or destination port columns


Alternatively in ISA, open the monitoring console
0
 
LVL 5

Author Comment

by:ncomper
ID: 36535577
Thanks for your input. I have tried to do the above but i am not seeing any of those options available to me in the ISA Management Console.

Once in the ISA console and have tabs available to me on the right pane, these can be expanded to show the following folders:

Monitoring
 -Alerts
 -Services
 -Sessions
 -Reports
Computer
Access Policy
Publishing
Policy Elements
Cache Configuration
Monitoring Configuration
 -Alerts
 -Logs
 -Report Jobs
Extensions
Network Configuration
Client Configuration

I am not seeing an option to 'Start Query'. Can you elaborate a bit more?
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 36535795
My bad, I assumed that everyone was already running 2004 or higher, didn't verify the version number,

For ISA 2000 you can see the options and screens for monitoring.
You're looking for the sessions under the monitoring folder.
http://www.isaserver.org/tutorials/Monitoring_ISA_Server.html
0
 
LVL 5

Author Comment

by:ncomper
ID: 36535902
Its showing 28 active sessions.
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 36535954
Sorry, but the last time I used ISA 2000 was about 8 years ago, I can't recall all the monitoring options/screens.
Have you tried option 2 above?

Option 3:
run "netstat -n" from a command prompt on the Exchange server.
Your looking for the following lines:
Active Connections
  Proto  Local Address          Foreign Address        State
  TCP    10.1.1.62:80           10.3.153.12:4509       ESTABLISHED
  TCP    10.1.1.62:443           10.3.153.12:4509       ESTABLISHED

The important part is the :80 and :443 in the local address
0
 
LVL 5

Author Comment

by:ncomper
ID: 36536021
Port :80 is showing as established but port :443 is not listed at all in the local addresses.
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 36536050
443 will only be available if you have enabled it on IIS which will only be an option if you have a SSL Certificate installed on the server.

On the Exchange Server,
open IIS and navigate to your "Default Web Site"
Right-click "Default Web Site" and click properties
3 lines from the top you should see
TCP Port:
and SSL Port: next to it.
Enter 443
Click OK

SSL should then be enabled.
If you got an error when clicking OK then most likely there is not a valid certificate on that server.
0
 
LVL 5

Author Comment

by:ncomper
ID: 36536107
All of the above is already setup exactly as you have suggested. IIS, default website with TCP Port 80 and SSL 443. Any ideas where to go next?
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 36536287
Then access your site on https://localhost/exchange

That is a direct connection to the 443 port.
If that works then 443 is listening
0
 
LVL 5

Author Comment

by:ncomper
ID: 36536319
Internally there is no issue, but trying to get to the webmail from an external POV still sees no progress.
0
 
LVL 26

Accepted Solution

by:
Leon Fester earned 500 total points
ID: 36538545
Did this ever work before?
Is there a Single Exchange Server or do you have a front-end and back-end configuration?

How did you configure the webmail for publishing on ISA?
Verify the installation requirements from this document
http://support.microsoft.com/kb/290113

Lastly you can test your configuration by visiting the Microsoft site:
https://www.testexchangeconnectivity.com
0
 
LVL 5

Author Comment

by:ncomper
ID: 36929639
Our Engineer is off today, ill get him to come backt o you

Thanks
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question