Solved

Cisco router grabbing cert request

Posted on 2013-01-29
8
549 Views
Last Modified: 2013-01-30
I'm trying to setup outlook anywhere.  I have done it successfully in 2 other places but here the cisco box seems to be grabbing the certificate request.  I have a legit certificate on the 2010 exchange box but from this test it appears to be grabbing it from the cisco firewall/router.  The mac address listed is from the internal lan interface of the router.  I have checked the settings against my similar router and they both seem to match up.  Any ideas?


      Attempting to resolve the host name in DNS.
       The host name resolved successfully.
       
      Additional Details
      Testing TCP port 443 on host mail.xxxx to ensure it's listening and open.
       The port was opened successfully.
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Test Steps
       
      ExRCA is attempting to obtain the SSL certificate from remote server mail.xxxx on port 443.
       ExRCA successfully obtained the remote SSL certificate.
       
      Additional Details
       Remote Certificate Subject: SN=California, L=Irvine, C=US, O="Cisco-Linksys, LLC", OU=RV042, CN=68:ef:bd:b8:0f:78, Issuer: SN=California, L=Irvine, C=US, O="Cisco-Linksys, LLC", OU=RV042, CN=68:ef:bd:b8:0f:78.
      Validating the certificate name.
       Certificate name validation failed.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       Host name mail.xxxx doesn't match any name found on the server certificate SN=California, L=Irvine, C=US, O="Cisco-Linksys, LLC", OU=RV042, CN=68:ef:bd:b8:0f:78.
0
Comment
Question by:cacchip1
  • 4
  • 2
  • 2
8 Comments
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38835666
I would guess that there is no port forward from port 443 on the Linksys router to the CAS server.
0
 

Author Comment

by:cacchip1
ID: 38836389
Yes there is a forward and I have also tried setting the mail server as a DMZ box and removing all the other forwards.
0
 
LVL 15

Assisted Solution

by:Frabble
Frabble earned 500 total points
ID: 38837433
Checking through the maual for the RV042, there is an https option in the general firewall configuration enabled by default if Remote Mangement is enabled. This will certainly intercept any TCP 443 connections to the WAN address. Try disabling the https feature.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:cacchip1
ID: 38837537
Remote management is not enabled but turning off https management access fixed the certificate issue at least.  Now it is barking about http in general.  
Testing HTTP Authentication Methods for URL https://mail.xxxx/rpc/rpcproxy.dll?xxxx:6002.
       The HTTP authentication test failed.
       
      Additional Details
       A Web exception occurred because an HTTP 404 - NotFound response was received from IIS7.
0
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38837587
that would be on port 6002 which shouldn't be required

what are you testing with ?
0
 

Author Comment

by:cacchip1
ID: 38837637
Both results came from https://www.testexchangeconnectivity.com.  I am also testing with Outlook directly.   The certificate errors have stopped but now out it wont let me authenticate when I try with Outlook.
0
 
LVL 15

Accepted Solution

by:
Frabble earned 500 total points
ID: 38837717
The new error indicates a problem with RPC. Microsoft is a good starting point:
http://technet.microsoft.com/en-us/library/aa996644(v=exchg.65).aspx
0
 

Author Closing Comment

by:cacchip1
ID: 38837733
Thanks guys RPC issue was the final piece of this puzzle.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ensuring effective and secure communication in the age of healthcare BYOD.
The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question