• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1496
  • Last Modified:

Sonicwall SSL interfering with mail server SSL

We have a Sonicwall TZ100. We're having problems with the a droid phone connecting to the mail server. When we run the mail test from https://www.testexchangeconnectivity.com we get the below. I think the sonicwall is interfering with the SSL cert because the ip address listed in the SSL on this is 192.168.168.168 which is the default IP address of the sonicwall out of the box which we changed and not out internal mail server. Can anyone tell me how to let the connection bypass this?



ExRCA is testing Exchange ActiveSync.
       The Exchange ActiveSync test failed.
       
      Test Steps
       
      Attempting to resolve the host name mail.mydomain.com in DNS.
       The host name resolved successfully.
       
      Additional Details
      Testing TCP port 443 on host mail.mydomain.com to ensure it's listening and open.
       The port was opened successfully.
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Test Steps
       
      ExRCA is attempting to obtain the SSL certificate from remote server mail.mydomain.com on port 443.
       ExRCA successfully obtained the remote SSL certificate.
       
      Additional Details
       Remote Certificate Subject: CN=192.168.168.168, OU=HTTPS Management Certificate for SonicWALL (self-signed), O=HTTPS Management Certificate for SonicWALL (self-signed), L=Sunnyvale, S=California, C=US, Issuer: CN=192.168.168.168, OU=HTTPS Management Certificate for SonicWALL (self-signed), O=HTTPS Management Certificate for SonicWALL (self-signed), L=Sunnyvale, S=California, C=US.
      Validating the certificate name.
       Certificate name validation failed.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       Host name mail.mydomain.com doesn't match any name found on the server certificate CN=192.168.168.168, OU=HTTPS Management Certificate for SonicWALL (self-signed), O=HTTPS Management Certificate for SonicWALL (self-signed), L=Sunnyvale, S=California, C=US.
0
Axis52401
Asked:
Axis52401
  • 2
1 Solution
 
Greg HejlPrincipal ConsultantCommented:
looks like port 443 is not being forwarded to your mailserver.

if you already made the NAT rules - edit the services object for your mail server to include port 443
0
 
Axis52401Security AnalystAuthor Commented:
It shows HTTPS is that the same thing?
0
 
Greg HejlPrincipal ConsultantCommented:
yes
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now