• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 521
  • Last Modified:

ISA Server and Webmail

Morning all,
                   Having a little trouble with a client, they have changed the external IP with an ISP change. after the change the Webmail has stopped working. I have re routed 443/25/80 to the Exchange server and mail is still flowing.

They have an ISA Server

ISA Management
Microsoft Corporation
Version: 3.0.1200.365

Could this be adding any restriction to the incomming traffice, if so were do i need to begin to look?

Many thanks,
1 Solution
Sanjay SantokiCommented:

Please be sure you have modified OWA publishing rule on ISA server. Also there may be issue with the name resolution so ISA is not forwarding query to appropriate server.

Sanjay Santoki
Suliman Abu KharroubIT Consultant Commented:
>>I have re routed 443/25/80 to the Exchange server and mail is still flowing.

how do you did that please?

do you changed the web listener on OWA publish rule to listen in the new ip address ? also please click on test rule .... any errors ?
Leon FesterSenior Solutions ArchitectCommented:
Agreed with the above, most likely the listener is not configured on the correct IP.
A very good tool to help is troubleshoot this specific problem is
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

ncomperAuthor Commented:
Thanks for all the comments.

I need to confirm that 443 and 80 are hitting the server what's the best way to do this.

Also when connecting internally to localhost/exchange it seems to resolve the webmail and opens using the external address mailhost.domain.co.uk/exchweb. Is this a DNS issue what might be contributing.

Leon FesterSenior Solutions ArchitectCommented:
Best way to check for port 80 and 443 usage is:

1. Check the IIS logs on your exchange server.
Logging could be disabled so you may need to enable it first, then test connectivity and review the logs.
right-click the "default website"
click properties
On the "web site" tab near the bottom, check if "enable logging" is enabled.
Click properties to find the location of the log files, typically that location is c:\windows\system32\logfiles\w3svc1
Files are then appended with the current date.
e.g. exYYMMDD, ex110914.log

2. Check the live monitoring in ISA.
Open ISA management console
Click the monitoring options
Click the Logging tab
Default setting is usually
Log Record type = firewall or web proxy
Log time = Live
Click Start Query and the test and review the incoming and outgoing traffic.
In the results screen, move the slider to the right to see more details per line event.
Look for results under the protocol or destination port columns

Alternatively in ISA, open the monitoring console
ncomperAuthor Commented:
Thanks for your input. I have tried to do the above but i am not seeing any of those options available to me in the ISA Management Console.

Once in the ISA console and have tabs available to me on the right pane, these can be expanded to show the following folders:

Access Policy
Policy Elements
Cache Configuration
Monitoring Configuration
 -Report Jobs
Network Configuration
Client Configuration

I am not seeing an option to 'Start Query'. Can you elaborate a bit more?
Leon FesterSenior Solutions ArchitectCommented:
My bad, I assumed that everyone was already running 2004 or higher, didn't verify the version number,

For ISA 2000 you can see the options and screens for monitoring.
You're looking for the sessions under the monitoring folder.
ncomperAuthor Commented:
Its showing 28 active sessions.
Leon FesterSenior Solutions ArchitectCommented:
Sorry, but the last time I used ISA 2000 was about 8 years ago, I can't recall all the monitoring options/screens.
Have you tried option 2 above?

Option 3:
run "netstat -n" from a command prompt on the Exchange server.
Your looking for the following lines:
Active Connections
  Proto  Local Address          Foreign Address        State

The important part is the :80 and :443 in the local address
ncomperAuthor Commented:
Port :80 is showing as established but port :443 is not listed at all in the local addresses.
Leon FesterSenior Solutions ArchitectCommented:
443 will only be available if you have enabled it on IIS which will only be an option if you have a SSL Certificate installed on the server.

On the Exchange Server,
open IIS and navigate to your "Default Web Site"
Right-click "Default Web Site" and click properties
3 lines from the top you should see
TCP Port:
and SSL Port: next to it.
Enter 443
Click OK

SSL should then be enabled.
If you got an error when clicking OK then most likely there is not a valid certificate on that server.
ncomperAuthor Commented:
All of the above is already setup exactly as you have suggested. IIS, default website with TCP Port 80 and SSL 443. Any ideas where to go next?
Leon FesterSenior Solutions ArchitectCommented:
Then access your site on https://localhost/exchange

That is a direct connection to the 443 port.
If that works then 443 is listening
ncomperAuthor Commented:
Internally there is no issue, but trying to get to the webmail from an external POV still sees no progress.
Leon FesterSenior Solutions ArchitectCommented:
Did this ever work before?
Is there a Single Exchange Server or do you have a front-end and back-end configuration?

How did you configure the webmail for publishing on ISA?
Verify the installation requirements from this document

Lastly you can test your configuration by visiting the Microsoft site:
ncomperAuthor Commented:
Our Engineer is off today, ill get him to come backt o you

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now