Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

ISA Server and Webmail

Posted on 2011-09-12
16
Medium Priority
?
488 Views
Last Modified: 2012-05-12
Morning all,
                   Having a little trouble with a client, they have changed the external IP with an ISP change. after the change the Webmail has stopped working. I have re routed 443/25/80 to the Exchange server and mail is still flowing.

They have an ISA Server

ISA Management
Microsoft Corporation
Version: 3.0.1200.365

Could this be adding any restriction to the incomming traffice, if so were do i need to begin to look?

Many thanks,
0
Comment
Question by:ncomper
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
16 Comments
 
LVL 11

Expert Comment

by:Sanjay Santoki
ID: 36521580
Hello,

Please be sure you have modified OWA publishing rule on ISA server. Also there may be issue with the name resolution so ISA is not forwarding query to appropriate server.

Thanks,
Sanjay Santoki
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36522201
>>I have re routed 443/25/80 to the Exchange server and mail is still flowing.

how do you did that please?


do you changed the web listener on OWA publish rule to listen in the new ip address ? also please click on test rule .... any errors ?
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 36522238
Agreed with the above, most likely the listener is not configured on the correct IP.
A very good tool to help is troubleshoot this specific problem is
https://www.testexchangeconnectivity.com
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 5

Author Comment

by:ncomper
ID: 36534501
Thanks for all the comments.

I need to confirm that 443 and 80 are hitting the server what's the best way to do this.

Also when connecting internally to localhost/exchange it seems to resolve the webmail and opens using the external address mailhost.domain.co.uk/exchweb. Is this a DNS issue what might be contributing.

Thanks
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 36534842
Best way to check for port 80 and 443 usage is:

1. Check the IIS logs on your exchange server.
Logging could be disabled so you may need to enable it first, then test connectivity and review the logs.
In IIS,
right-click the "default website"
click properties
On the "web site" tab near the bottom, check if "enable logging" is enabled.
Click properties to find the location of the log files, typically that location is c:\windows\system32\logfiles\w3svc1
Files are then appended with the current date.
e.g. exYYMMDD, ex110914.log

2. Check the live monitoring in ISA.
Open ISA management console
Click the monitoring options
Click the Logging tab
Default setting is usually
Log Record type = firewall or web proxy
Log time = Live
Click Start Query and the test and review the incoming and outgoing traffic.
In the results screen, move the slider to the right to see more details per line event.
Look for results under the protocol or destination port columns


Alternatively in ISA, open the monitoring console
0
 
LVL 5

Author Comment

by:ncomper
ID: 36535577
Thanks for your input. I have tried to do the above but i am not seeing any of those options available to me in the ISA Management Console.

Once in the ISA console and have tabs available to me on the right pane, these can be expanded to show the following folders:

Monitoring
 -Alerts
 -Services
 -Sessions
 -Reports
Computer
Access Policy
Publishing
Policy Elements
Cache Configuration
Monitoring Configuration
 -Alerts
 -Logs
 -Report Jobs
Extensions
Network Configuration
Client Configuration

I am not seeing an option to 'Start Query'. Can you elaborate a bit more?
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 36535795
My bad, I assumed that everyone was already running 2004 or higher, didn't verify the version number,

For ISA 2000 you can see the options and screens for monitoring.
You're looking for the sessions under the monitoring folder.
http://www.isaserver.org/tutorials/Monitoring_ISA_Server.html
0
 
LVL 5

Author Comment

by:ncomper
ID: 36535902
Its showing 28 active sessions.
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 36535954
Sorry, but the last time I used ISA 2000 was about 8 years ago, I can't recall all the monitoring options/screens.
Have you tried option 2 above?

Option 3:
run "netstat -n" from a command prompt on the Exchange server.
Your looking for the following lines:
Active Connections
  Proto  Local Address          Foreign Address        State
  TCP    10.1.1.62:80           10.3.153.12:4509       ESTABLISHED
  TCP    10.1.1.62:443           10.3.153.12:4509       ESTABLISHED

The important part is the :80 and :443 in the local address
0
 
LVL 5

Author Comment

by:ncomper
ID: 36536021
Port :80 is showing as established but port :443 is not listed at all in the local addresses.
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 36536050
443 will only be available if you have enabled it on IIS which will only be an option if you have a SSL Certificate installed on the server.

On the Exchange Server,
open IIS and navigate to your "Default Web Site"
Right-click "Default Web Site" and click properties
3 lines from the top you should see
TCP Port:
and SSL Port: next to it.
Enter 443
Click OK

SSL should then be enabled.
If you got an error when clicking OK then most likely there is not a valid certificate on that server.
0
 
LVL 5

Author Comment

by:ncomper
ID: 36536107
All of the above is already setup exactly as you have suggested. IIS, default website with TCP Port 80 and SSL 443. Any ideas where to go next?
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 36536287
Then access your site on https://localhost/exchange

That is a direct connection to the 443 port.
If that works then 443 is listening
0
 
LVL 5

Author Comment

by:ncomper
ID: 36536319
Internally there is no issue, but trying to get to the webmail from an external POV still sees no progress.
0
 
LVL 26

Accepted Solution

by:
Leon Fester earned 2000 total points
ID: 36538545
Did this ever work before?
Is there a Single Exchange Server or do you have a front-end and back-end configuration?

How did you configure the webmail for publishing on ISA?
Verify the installation requirements from this document
http://support.microsoft.com/kb/290113

Lastly you can test your configuration by visiting the Microsoft site:
https://www.testexchangeconnectivity.com
0
 
LVL 5

Author Comment

by:ncomper
ID: 36929639
Our Engineer is off today, ill get him to come backt o you

Thanks
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
One-stop solution for Exchange Administrators to address all MS Exchange Server issues, which is known by the name of Stellar Exchange Toolkit.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question