Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 576
  • Last Modified:

Cisco router grabbing cert request

I'm trying to setup outlook anywhere.  I have done it successfully in 2 other places but here the cisco box seems to be grabbing the certificate request.  I have a legit certificate on the 2010 exchange box but from this test it appears to be grabbing it from the cisco firewall/router.  The mac address listed is from the internal lan interface of the router.  I have checked the settings against my similar router and they both seem to match up.  Any ideas?


      Attempting to resolve the host name in DNS.
       The host name resolved successfully.
       
      Additional Details
      Testing TCP port 443 on host mail.xxxx to ensure it's listening and open.
       The port was opened successfully.
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Test Steps
       
      ExRCA is attempting to obtain the SSL certificate from remote server mail.xxxx on port 443.
       ExRCA successfully obtained the remote SSL certificate.
       
      Additional Details
       Remote Certificate Subject: SN=California, L=Irvine, C=US, O="Cisco-Linksys, LLC", OU=RV042, CN=68:ef:bd:b8:0f:78, Issuer: SN=California, L=Irvine, C=US, O="Cisco-Linksys, LLC", OU=RV042, CN=68:ef:bd:b8:0f:78.
      Validating the certificate name.
       Certificate name validation failed.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       Host name mail.xxxx doesn't match any name found on the server certificate SN=California, L=Irvine, C=US, O="Cisco-Linksys, LLC", OU=RV042, CN=68:ef:bd:b8:0f:78.
0
cacchip1
Asked:
cacchip1
  • 4
  • 2
  • 2
2 Solutions
 
ArneLoviusCommented:
I would guess that there is no port forward from port 443 on the Linksys router to the CAS server.
0
 
cacchip1Author Commented:
Yes there is a forward and I have also tried setting the mail server as a DMZ box and removing all the other forwards.
0
 
FrabbleCommented:
Checking through the maual for the RV042, there is an https option in the general firewall configuration enabled by default if Remote Mangement is enabled. This will certainly intercept any TCP 443 connections to the WAN address. Try disabling the https feature.
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
cacchip1Author Commented:
Remote management is not enabled but turning off https management access fixed the certificate issue at least.  Now it is barking about http in general.  
Testing HTTP Authentication Methods for URL https://mail.xxxx/rpc/rpcproxy.dll?xxxx:6002.
       The HTTP authentication test failed.
       
      Additional Details
       A Web exception occurred because an HTTP 404 - NotFound response was received from IIS7.
0
 
ArneLoviusCommented:
that would be on port 6002 which shouldn't be required

what are you testing with ?
0
 
cacchip1Author Commented:
Both results came from https://www.testexchangeconnectivity.com.  I am also testing with Outlook directly.   The certificate errors have stopped but now out it wont let me authenticate when I try with Outlook.
0
 
FrabbleCommented:
The new error indicates a problem with RPC. Microsoft is a good starting point:
http://technet.microsoft.com/en-us/library/aa996644(v=exchg.65).aspx
0
 
cacchip1Author Commented:
Thanks guys RPC issue was the final piece of this puzzle.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 4
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now