OWA 2010 via Sonicwall SRA 1200

Posted on 2011-10-12
Last Modified: 2012-05-12
I am in the process of moving from Exchange 2007 to Exchange 2010. So far most of the process has gone relatively smoothly.
The only problem I am running into is enabling access to the OWA 2010 via our Sonicwall SRA 1200 VPN device. When I create a bookmark to the site we are able to load the OWA page and see their inbox; however, if we try to open an e-mail we get an error: "Your request couldn't be completed. This may have occurred for security reasons or because your session timed out."
If I am inside the network and go directly to the page or if use application offloading then everything works fine.
Does anyone know have any idea why the SSL VPN bookmark would fail when all other methods seems to work?
Question by:Hawkeye_11105
    LVL 26

    Expert Comment

    When I create a bookmark to the site we are able to load the OWA page and see their inbox
    >> What is the URL @ the Browser when you see the mails?

    1. Do you authentication again when you open\acecss this book mark?

    LVL 28

    Expert Comment

    a) Did you configure NAT Policys on Sonicwall after the migration.
    b) Are these domain joined computers where you are creating bookmarks ?

    Author Comment

    a) This is a VPN device not a firewall so there are no NAT policies to configure on it. They are configured on the firewall. The fact that the page would load implies to me that the NAT policy is working. The errors start after the Inbox is showing-then I can't open any e-mails.

    b) No the computers are not joined to the domain but when I try to use the bookmark on a computer in the domain I do get the same error message.
    LVL 28

    Expert Comment

    No the computers are not joined to the domain but when I try to use the bookmark on a computer in the domain I do get the same error message.
    >> That's why you are getting this error.

    Lets' try something
    > control Panel > user accounts
    Click on Advanced / Manage Your Credentials (depends on OS)

    You will get an option there to add credential
    Try both
    and logon as domain\username with password

    and - ADSERVER.domain.local and logon as domain\username

    let me know if it works.
    I have configured non domain joined XP workstations like this.

    Author Comment

    The url is https://vpn.<>/go/https://mail.<>/owa/
    Where <> is the external URL to my SSL VPN and <> is the FQDN for the internal Exchange 2010 machine.

    I have enabled Single-sign on so I wouldn't need to authenticate. I then disabled it and was prompted to sign in with the same result.

    It obviously has something to do with the reverse proxy URL that is generated by the SRA 1200

    Accepted Solution


    Thanks but the point behind using an SSL VPN is for people working from home or a different computer to have access to the network resources. It is not practical for me to make changes like the ones proposed.
    I think, for now, I am going to have to just let the users have to use Outlook Web Access without going through the SonicWall's HTTPS bookmark. Adds the extra log in step but people will have to deal with it.
    LVL 28

    Expert Comment

    I agree.
    That's the purpose of OWA.
    That solution might work for 2-3 users, but doesnt scale for deployment.

    Author Closing Comment

    I have not yet figured out how to fix the issue. I was just able to work around it

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    "Migrate" an SMTP relay receive connector to a new server using info from an old server.
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now