SBS 2003 - Exchange remote web access - unabe to access over the internet


For some reason we can't access https://wan-ip/Exchange on one of our servers.
This worked fine until a few weeks ago. Internally (https://servername/Exchange) it works just fine. I've been searching alot for a solution but it seems nothing works.

Its a simple setup.
A linksys WAG54GS router (
that has DMZ enabled for the server IP (SBS 2003).

I've tested to manually set the ports on the router but no joy.
IE/Firefox/Chrome respond that the website didn't respond in time..

I checked all the perissions in IIS and compaired them wirh a working server,
It seems to me that all the settings are correct.
oh, and I  ran CEICW again and again trying to fix it, (no errors appear)

Who is Participating?
louisreevesConnect With a Mentor Commented:
Based on what you are saying, it sounds like you have excluded OWA and the server from being the problem. IF OWA works internally, that says alot. Provided you have the settijngs correct for external access, you should be good to go there. I have had instances where the rotuer just stopped forwarding the port. Try doin a reset and see if that helps. I dont know if you are using a certificate but if so, that changes the equation. Make sure the IIS binding is associated with the port. try using your public IP as https://publicip/exchange and see if you get a page. if you do, then you have it narrowed down to DNS> I have heard if you have a name problem, you can put a random name into the connect to internet wizard and then run it again and put the name back and it may take care of a name problem. If your issue still lingers with using the IP then I think you have a routing problem of some type IE domiain registrar, router. etc.... if you have checked everything and you know for a fact that its not

1. DNS
2. Certificate bindings
3. External recored domain registrar related
4. Rotuer/firewall
5. virtual directories are all correct

The I would concider rebuilding your virtual directories- My vote is its a firewall or something.

: SBS2003, Exchange 2003 & Mobile ActiveSync


This is top to bottom- setting to look at acoss all diectoies

I.Please verify Authentication settings by the following steps.

For Exchange-oma virtual directory:

1. Open IIS Manager

2. Open properties of virtual directory Exchange-oma

3. Select Directory Security tab

4. Select Edit in Authentication and access control box. Make sure the
authentication setting as below:

Authentication Methods

Enabled Basic authentication

Enabled Integrated Windows authentication

Disabled anonymous access

Note:If you need to use SSL on the Exchange virtual directory, you may
create the Exchange-OMA virtual directory for the OMA and ActiveSync and
don't use SSL on the Exchange-OMA virtual directory.

For OMA virtual directory and Microsoft-Server-ActiveSync virtual directory:

1. Open IIS Manager

2. Open properties of OMA virtual directory and Microsoft-Server-ActiveSync
virtual directory respectively.

3. Select Directory Security tab

4. Select Edit in Authentication and access control box. Make sure the
authentication setting as below:

Authentication Methods

Uncheck Enable anonymous access

Uncheck Integrated Windows authentication

Check Basic authentication

After that, please restart the IIS Admin Service (services.msc) and then
verify the issue.

II. if issue still occur, refer to the KB article 883380 to rebuild the
DS2MB of IIS server and manually create exchange-oma VD to see if the issue

Step 1: Rebuild the DS2MB of IIS server. To do so:

1. Go to Internet Services Manager and delete the following virtual






2. Open Metabase Explorer and expand LM > DS2MB > HighWaterMarks > GUID

3. Double click the entry which has a 5-digit number in the data folder in
the right pane of the GUID folder.

4. Replace the number in the Data field with 0 (zero) and then click OK.
Close Metaedit

5. Run services.msc and right click IIS Admin Service, and then click
Restart to restart the service.

6. Restart the System Attendant. After that, these virtual directories can
be created.

7. Then please re-run CEICW to configure network connection.

More detailed information is addressed in the following article:

883380 How to reset the default virtual directories for Outlook Web Access
in Exchange Server 2003

I hope this helps some.

BenderamaAuthor Commented:
Thanks for a great reply,

In all the solutions I've read everyone said to look in the
exchange virtual directory. Now I see my problem was in the exchange-oma directory. Under security, it was set to access denied to all accept a few IP adresses. I think someone manually changed this because all the local client IP's where filled in. Weird..

Thanks louisreeves
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.