OWA 2010 via Sonicwall SRA 1200

Posted on 2011-10-12
Medium Priority
Last Modified: 2012-05-12
I am in the process of moving from Exchange 2007 to Exchange 2010. So far most of the process has gone relatively smoothly.
The only problem I am running into is enabling access to the OWA 2010 via our Sonicwall SRA 1200 VPN device. When I create a bookmark to the site we are able to load the OWA page and see their inbox; however, if we try to open an e-mail we get an error: "Your request couldn't be completed. This may have occurred for security reasons or because your session timed out."
If I am inside the network and go directly to the page or if use application offloading then everything works fine.
Does anyone know have any idea why the SSL VPN bookmark would fail when all other methods seems to work?
Question by:Hawkeye_11105
  • 4
  • 3
LVL 26

Expert Comment

ID: 36961448
When I create a bookmark to the site we are able to load the OWA page and see their inbox
>> What is the URL @ the Browser when you see the mails?

1. Do you authentication again when you open\acecss this book mark?

LVL 28

Expert Comment

ID: 36965263
a) Did you configure NAT Policys on Sonicwall after the migration.
b) Are these domain joined computers where you are creating bookmarks ?

Author Comment

ID: 36965285
a) This is a VPN device not a firewall so there are no NAT policies to configure on it. They are configured on the firewall. The fact that the page would load implies to me that the NAT policy is working. The errors start after the Inbox is showing-then I can't open any e-mails.

b) No the computers are not joined to the domain but when I try to use the bookmark on a computer in the domain I do get the same error message.

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

LVL 28

Expert Comment

ID: 36965324
No the computers are not joined to the domain but when I try to use the bookmark on a computer in the domain I do get the same error message.
>> That's why you are getting this error.

Lets' try something
> control Panel > user accounts
Click on Advanced / Manage Your Credentials (depends on OS)

You will get an option there to add credential
Try both
and logon as domain\username with password

and - ADSERVER.domain.local and logon as domain\username

let me know if it works.
I have configured non domain joined XP workstations like this.

Author Comment

ID: 36965355
The url is https://vpn.<mydomain.org>/go/https://mail.<server.org>/owa/
Where <mydomain.org> is the external URL to my SSL VPN and <server.org> is the FQDN for the internal Exchange 2010 machine.

I have enabled Single-sign on so I wouldn't need to authenticate. I then disabled it and was prompted to sign in with the same result.

It obviously has something to do with the reverse proxy URL that is generated by the SRA 1200

Accepted Solution

Hawkeye_11105 earned 0 total points
ID: 36965420

Thanks but the point behind using an SSL VPN is for people working from home or a different computer to have access to the network resources. It is not practical for me to make changes like the ones proposed.
I think, for now, I am going to have to just let the users have to use Outlook Web Access without going through the SonicWall's HTTPS bookmark. Adds the extra log in step but people will have to deal with it.
LVL 28

Expert Comment

ID: 36965511
I agree.
That's the purpose of OWA.
That solution might work for 2-3 users, but doesnt scale for deployment.

Author Closing Comment

ID: 37087284
I have not yet figured out how to fix the issue. I was just able to work around it

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question