• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1095
  • Last Modified:

OWA (Exchange 2003) with SonicWall TZ 190

Hi,

We've had a power cut earlier which messed up our SonicWall (TZ 190, SonicOS Enhanced 4.2.1.3-4e). Half of our NAT rules went missing, firewall rules had wrong IP addresses etc. - no idea what happened there.
I've changed all the rules and everything is working again - apart from OWA and Active Sync.

I'm confident that NAT is working fine - there's a couple of other firewall rules using the same address objects etc. which are working fine. (Mimecast access for LDAP synchronisation and SMTP acccess for example).

The firewall rule configured allows POP 3, HTTP and HTTPS.
POP 3 access is working, HTTPS access isn't. I have changed the IIS config for OWA temporarily to not require SSL and I can access it fine through HTTP. When SSL is enabled I also receive the message to say that I need to access it via https.
However, when accessing it via https all I get is "Page cannot be displayed". Everything is fine internally - just not working externally. Nothing in the logs. Accessing it via the IP address doesn't work either so I'm pretty certain there's a problem with the SonicWall.

I've created a new rule allowing HTTPS from any source to any source to test and this isn't working either.

Does anyone have any ideas? I'm absolutely lost.

Many thanks
0
Minime85
Asked:
Minime85
  • 3
  • 2
  • 2
  • +1
1 Solution
 
AmitIT ArchitectCommented:
I suggest to test from below site and check where it fails.

https://www.testexchangeconnectivity.com/

That might help you to identify the root cause and possible solution
0
 
Minime85Author Commented:
Many thanks for your reply - as expected, it fails connecting to port 443...
However, there's a rule to allow access from anywhere to our Exchange server for HTTP and HTTPS. WAN to LAN.
(And temporarily another one allowing access from anywhere to anywhere for HTTP and HTTPS).
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Exchange_GeekCommented:
You've followed the link

Regards,
Exchange_Geek
0
 
Minime85Author Commented:
Thanks for the two links...

@Exchange_Geek - yes, I've tried using the wizard, though I'm comfortable setting up NAT rules/firewall rules manually.

@amitkulsherata - I don't think ActiveSync is the problem, it's working internally (just like OWA), just not externally. I'm convinced it's a problem with the Sonicwall...

I'll try installing a later firmware tomorrow morning (we're on the latest stable version but there was one early release since) - if that fails too we'll have to live with it for a couple of weeks (a NSA 200 is on order to replace the old one anyway).

Regards
0
 
ExchangePanditCommented:
I have encountered a similar issue but not with SONICWALL firewall, it was a low level firewall and all seems to work (NAT wise) apart from HTTPS, now what I found was that the firewall had assigned port 443 for VPN which was creating 443 traffic to hit the firewall but not go anywhere else and I was getting page cannot be displayed as well. After changing the VPN SSL port to something like 444 I was able to get that working.

Secondly also check whether remote management on the firewall is enabled on port 443 and if it is then change the port to something else.

cheers
0
 
Minime85Author Commented:
Argh, it was the remote management port... Had changed that previously in the office and it hasn't done anything but seemingly changing it again now fixed it.

Thank you ExchangePandit!
0
 
ExchangePanditCommented:
you are most welcome.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now