Solved

No access to OWA since public IP address change.

Posted on 2012-03-21
9
1,746 Views
Last Modified: 2012-04-09
I recently needed to change our static public IP address for our domain so our network could use a new fibre link rather than an older slower copper one. Our Exchange server 2010 on an SBS 2011 DC had worked and run OWA fine until the change-over. Now my users can't log in remotely athough OWA works fine internally.

I also changed the router from a Netgear FVS318 to a Cisco-branded Lynksys RV042 for a VPN to a branch office and have forwarded both ports 80 & 443 on the router to the Exchange server but externally only port 443 appears to be open and traffic can't pass through 80 to the server. Our ISP has confirmed they are not blocking port 80 and I can telnet the server on 80 from the internal network.

Looking at the IIS Manager i notice that there is a question mark over the globe for 'Default Web Site' and there doesn't seem to be a clue as to what the ? mark is referring to.

Would the server be blocking access via HTTP to port 80 from the router? Could there be an issue with the bidings. Or could I have a fault with the router?
0
Comment
Question by:astgpaul
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 7

Assisted Solution

by:micropc1
micropc1 earned 125 total points
Comment Utility
My first thought would be an issue at the gateway. Have you checked your NAT configuration and firewall settings?
0
 
LVL 37

Expert Comment

by:Neil Russell
Comment Utility
What you dont mention is have you changed your external DNS records that point at your webmail ?
This will need to point to your new external IP and not the old one.
0
 
LVL 47

Assisted Solution

by:dlethe
dlethe earned 250 total points
Comment Utility
A few things
 - make sure all those registry settings and configuration files don't have the IP number hardwired in any of the OWA services.

You might also create another OWA instance (been years, I THINK you can do this) that uses the domain name, and just see if that instance works.  If it does, then you are home free.

Purge all arp tables & DNS stuuff
0
 

Author Comment

by:astgpaul
Comment Utility
Thanks for all coming back so quickly. I'm wondering if this is a certificate issue. If I try to connect using https I get a warning about an insecure site, accept the warning, register the exception and then get a 404 Not Found 'The requested URL /owa was not found on this server'
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 37

Assisted Solution

by:Neil Russell
Neil Russell earned 125 total points
Comment Utility
I repeat as you have not answered. Have you updated your external DNS records and confirmed that replication/propergation has taken place?

do you get the correct IP address if you try

PING yourwebmailserver.yourdomin.com  from an EXTERNAL computer?
0
 

Author Comment

by:astgpaul
Comment Utility
Neilsr - I have considered your comments about the dns records and I'm going to look into this when the domain hosting company open in the morning (I'm in the UK).

Thanks - I'll let you know.
0
 
LVL 47

Accepted Solution

by:
dlethe earned 250 total points
Comment Utility
If you can get to a unix box do this, assuming your domain is xyz.co.uk and dns is ns0.myisp.com


nslookup
set host ns0.myisp.com
set type=any
xyz.co.uk.

This will reveal everything that the DNS server is putting out there, including the MX records and the TTL.

You can then repeat by doing another set host  and use a different name server, to see what any nameserver of your choice is presenting.  Maybe one of your internal machines or the sbs server itself is wrong.
0
 

Author Closing Comment

by:astgpaul
Comment Utility
Thanks to those that provided suggestions. It would appear the router can't port forward 443 while also handling VPN.
0
 
LVL 47

Expert Comment

by:dlethe
Comment Utility
Really? What router is that.  (So I can be sure to avoid that POS)
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now