Cannot connect to Exchange OWA over Cisco Site to Site VPN

Posted on 2013-09-05
Medium Priority
Last Modified: 2013-10-06

I am unable to access Exchange OWA from a remote office connected to main office via a Cisco site to site VPN.
Exchange 2013 sever is located at main office on a /24 subnet.
Remote office is on a /24 subnet.
Cisco 860 router each end with IPSEC VPN.
Each office has own AD domain, DNS secondary zones for the alternate office are configured at each other office.
I can successfully ping the FQDN of the Exchange server from the remote office and it resolves to the Exchange server's local IP address on the /24 subnet.
I can connect from the remote office to other devices located at the main office via TLS/SSL no problem.
OWA is working fine from main office connecting locally and every where else via Internet.
When I try to open OWA at the remote office I just get a Page cannot be displayed error.
What should I be looking at to resolve this issue?

Thanks in advance...
Question by:TRBR

Expert Comment

ID: 39468798
From the command prompt run the following.  Replace OWA with the email server name.  The trace will stop at the problem network device.

tracert OWA

Author Comment

ID: 39468811
The trace completes successfully to the Exchange server from the remote site

Expert Comment

ID: 39472908

Let me know first, thats exactly error that you are gettign while accessing OWA from remote site .

Thank You!
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!


Author Comment

ID: 39478398
I just get the standard "This page can't be displayed" in Internet Explorer 10
I can connect from the remote site to web interfaces of other devices at the main site using https no problem.
LVL 43

Expert Comment

ID: 39498511
I think you need to add a NAT exception to the outside interface of the ASA so that it doesn't NAT the exchange server when sending traffic to the remote site through the outside interface.

Author Comment

ID: 39500706
I've just rechecked the config of the router and it does look to me that a NAT exemption is in place for the /24 subnet when the destination is the /24 subnet

These are a pair of 800 series routes that were given a basic config with Cisco Configuration Professional

Accepted Solution

TRBR earned 0 total points
ID: 39538035
have implemented an alternate solution for now

Author Closing Comment

ID: 39550368

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This article explains how to move an Exchange 2013/2016 mailbox database and logs to a different drive.
Organisation is organized in a pattern to flow the day to day business, every application and system is interdepended on each other and when very important “Exchange Server downtime” happened.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
In this video I will demonstrate how to set up Nine, which I now consider the best alternative email app to Touchdown.

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question