Solved

Cisco router grabbing cert request

Posted on 2013-01-29
8
543 Views
Last Modified: 2013-01-30
I'm trying to setup outlook anywhere.  I have done it successfully in 2 other places but here the cisco box seems to be grabbing the certificate request.  I have a legit certificate on the 2010 exchange box but from this test it appears to be grabbing it from the cisco firewall/router.  The mac address listed is from the internal lan interface of the router.  I have checked the settings against my similar router and they both seem to match up.  Any ideas?


      Attempting to resolve the host name in DNS.
       The host name resolved successfully.
       
      Additional Details
      Testing TCP port 443 on host mail.xxxx to ensure it's listening and open.
       The port was opened successfully.
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Test Steps
       
      ExRCA is attempting to obtain the SSL certificate from remote server mail.xxxx on port 443.
       ExRCA successfully obtained the remote SSL certificate.
       
      Additional Details
       Remote Certificate Subject: SN=California, L=Irvine, C=US, O="Cisco-Linksys, LLC", OU=RV042, CN=68:ef:bd:b8:0f:78, Issuer: SN=California, L=Irvine, C=US, O="Cisco-Linksys, LLC", OU=RV042, CN=68:ef:bd:b8:0f:78.
      Validating the certificate name.
       Certificate name validation failed.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       Host name mail.xxxx doesn't match any name found on the server certificate SN=California, L=Irvine, C=US, O="Cisco-Linksys, LLC", OU=RV042, CN=68:ef:bd:b8:0f:78.
0
Comment
Question by:cacchip1
  • 4
  • 2
  • 2
8 Comments
 
LVL 36

Expert Comment

by:ArneLovius
ID: 38835666
I would guess that there is no port forward from port 443 on the Linksys router to the CAS server.
0
 

Author Comment

by:cacchip1
ID: 38836389
Yes there is a forward and I have also tried setting the mail server as a DMZ box and removing all the other forwards.
0
 
LVL 15

Assisted Solution

by:Frabble
Frabble earned 500 total points
ID: 38837433
Checking through the maual for the RV042, there is an https option in the general firewall configuration enabled by default if Remote Mangement is enabled. This will certainly intercept any TCP 443 connections to the WAN address. Try disabling the https feature.
0
 

Author Comment

by:cacchip1
ID: 38837537
Remote management is not enabled but turning off https management access fixed the certificate issue at least.  Now it is barking about http in general.  
Testing HTTP Authentication Methods for URL https://mail.xxxx/rpc/rpcproxy.dll?xxxx:6002.
       The HTTP authentication test failed.
       
      Additional Details
       A Web exception occurred because an HTTP 404 - NotFound response was received from IIS7.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 36

Expert Comment

by:ArneLovius
ID: 38837587
that would be on port 6002 which shouldn't be required

what are you testing with ?
0
 

Author Comment

by:cacchip1
ID: 38837637
Both results came from https://www.testexchangeconnectivity.com.  I am also testing with Outlook directly.   The certificate errors have stopped but now out it wont let me authenticate when I try with Outlook.
0
 
LVL 15

Accepted Solution

by:
Frabble earned 500 total points
ID: 38837717
The new error indicates a problem with RPC. Microsoft is a good starting point:
http://technet.microsoft.com/en-us/library/aa996644(v=exchg.65).aspx
0
 

Author Closing Comment

by:cacchip1
ID: 38837733
Thanks guys RPC issue was the final piece of this puzzle.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now