Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Cisco router grabbing cert request

Posted on 2013-01-29
8
Medium Priority
?
573 Views
Last Modified: 2013-01-30
I'm trying to setup outlook anywhere.  I have done it successfully in 2 other places but here the cisco box seems to be grabbing the certificate request.  I have a legit certificate on the 2010 exchange box but from this test it appears to be grabbing it from the cisco firewall/router.  The mac address listed is from the internal lan interface of the router.  I have checked the settings against my similar router and they both seem to match up.  Any ideas?


      Attempting to resolve the host name in DNS.
       The host name resolved successfully.
       
      Additional Details
      Testing TCP port 443 on host mail.xxxx to ensure it's listening and open.
       The port was opened successfully.
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Test Steps
       
      ExRCA is attempting to obtain the SSL certificate from remote server mail.xxxx on port 443.
       ExRCA successfully obtained the remote SSL certificate.
       
      Additional Details
       Remote Certificate Subject: SN=California, L=Irvine, C=US, O="Cisco-Linksys, LLC", OU=RV042, CN=68:ef:bd:b8:0f:78, Issuer: SN=California, L=Irvine, C=US, O="Cisco-Linksys, LLC", OU=RV042, CN=68:ef:bd:b8:0f:78.
      Validating the certificate name.
       Certificate name validation failed.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       Host name mail.xxxx doesn't match any name found on the server certificate SN=California, L=Irvine, C=US, O="Cisco-Linksys, LLC", OU=RV042, CN=68:ef:bd:b8:0f:78.
0
Comment
Question by:cacchip1
  • 4
  • 2
  • 2
8 Comments
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38835666
I would guess that there is no port forward from port 443 on the Linksys router to the CAS server.
0
 

Author Comment

by:cacchip1
ID: 38836389
Yes there is a forward and I have also tried setting the mail server as a DMZ box and removing all the other forwards.
0
 
LVL 15

Assisted Solution

by:Frabble
Frabble earned 2000 total points
ID: 38837433
Checking through the maual for the RV042, there is an https option in the general firewall configuration enabled by default if Remote Mangement is enabled. This will certainly intercept any TCP 443 connections to the WAN address. Try disabling the https feature.
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 

Author Comment

by:cacchip1
ID: 38837537
Remote management is not enabled but turning off https management access fixed the certificate issue at least.  Now it is barking about http in general.  
Testing HTTP Authentication Methods for URL https://mail.xxxx/rpc/rpcproxy.dll?xxxx:6002.
       The HTTP authentication test failed.
       
      Additional Details
       A Web exception occurred because an HTTP 404 - NotFound response was received from IIS7.
0
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38837587
that would be on port 6002 which shouldn't be required

what are you testing with ?
0
 

Author Comment

by:cacchip1
ID: 38837637
Both results came from https://www.testexchangeconnectivity.com.  I am also testing with Outlook directly.   The certificate errors have stopped but now out it wont let me authenticate when I try with Outlook.
0
 
LVL 15

Accepted Solution

by:
Frabble earned 2000 total points
ID: 38837717
The new error indicates a problem with RPC. Microsoft is a good starting point:
http://technet.microsoft.com/en-us/library/aa996644(v=exchg.65).aspx
0
 

Author Closing Comment

by:cacchip1
ID: 38837733
Thanks guys RPC issue was the final piece of this puzzle.
0

Featured Post

Ready for your healthcare security check-up?

In the past few years, healthcare organizations have become a prime target for advanced attacks. Does your organization have what it needs to defend itself? Schedule your healthcare security check-up today and download our free Healthcare Security Resource Kit today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s a season to be thankful, and we’re thankful for users like you who engage on site, solve technology problems, and network with others in the industry. What tech are we most thankful for? Keep reading.
Your business may be under attack from a silent enemy that is hard to detect. It works stealthily in the shadows to access and exploit your critical business information, sensitive confidential data and intellectual property, for commercial gain. T…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question