Solved

SBS2011 OWA Issue: Cannot access OWA from thw web

Posted on 2013-11-12
11
608 Views
Last Modified: 2013-12-09
Hi Experts

I cannot access OWA or the default server website from the internet.
Internally everything is ok.  We are using a Draytek 2860 router.  Ports 25,80, 443, 987 are open (based on canyouseeme check).  These ports are redirected to server IP via NAT.  I have rerun " Setup your internet address" wizard again and it has run successfully.  Any suggestions most welcome.  Thank you in advance
0
Comment
Question by:freshfordian
  • 7
  • 2
  • 2
11 Comments
 
LVL 16

Expert Comment

by:Shaik M. Sajid
ID: 39643775
are yo uable to telnet those ports with the external IP ?
0
 
LVL 1

Author Comment

by:freshfordian
ID: 39643784
No.  telnetting from internet is not enabled on router. Windows firewall is still operational on server.
0
 
LVL 16

Expert Comment

by:Shaik M. Sajid
ID: 39643790
disable the window firewall or create exception to the related ports in windows firewall.. all the best
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 39644024
What happens when you browse to the OWA?  Can you access the remote page?  Any errors / warnings in the event logs?

External DNS Setup correctly?
0
 
LVL 1

Author Comment

by:freshfordian
ID: 39647842
What happens are the following:

1. when I browse the external address (mail.mycompany.com/owa) is a 404 not found error: - The requested URL was not found on this server or page cannot be displayed

2. I get the same error when I enter mail,mycompany.com. The URL changes to https://mail.mycompany.com/remote and displays the same 404 error or Page cannot be displayed

3. If I enter the IP address of mail.mycompany.com I get the IIS7 Page.  



This looks like a DNS Error! Am I right? How can I correct it?
0
Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

 
LVL 1

Author Comment

by:freshfordian
ID: 39648408
Other INTERNAL Checks as follows:

http://localhost/remote ................. OK
http://localhost/owa........................ OK
http://192.168.0.4/remote.............. OK
http://192.168.0.4/owa.................... OK

http://mail.mydomain.com ............ OK (redirectd itself to remote)
http://mail.mydomain.com/owa..... OK

Internal systems seem fine,
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 39648455
It sounds like either your router isn't forwarding the ports corerctly or you have an external DNS issue.

Rather than opening the ports on the Draytek, try doing a port re-direction and try again.

Ping mail.mydomain.com from outside of your network and confirm it is resolving to the correct IP address
0
 
LVL 1

Author Comment

by:freshfordian
ID: 39650370
Hi
Pinging mail.mycompany.com is successful.
I have port redirection setup on the Draytek for a number of ports for other applications including port 25.  The recommended ports (25,80,443,987,1723) are all redirected to the server iP.  

For example, I the following apps are working fine:
http://mail.mycompany.com:8080/ePortal
http://mail.mycompany.com:8081/media
whereas
http://mail,mycompany.com/owa: Bottom left hand corner of browser window message "Establishing Secure Connection..." then "Webpage is not available.  As outlined above, internally all is ok. It looks to me to be a possible IIS issue?
0
 
LVL 1

Author Comment

by:freshfordian
ID: 39650386
Some additional Info:
I ran an Remote Connectivity Analyser test.  Results are attached.  

Testing RPC/HTTP connectivity.
       The RPC/HTTP test failed.
       
      Additional Details       
Elapsed Time: 6515 ms.
            Test Steps
       
      Attempting to resolve the host name mail.mycompany.ie in DNS.
       The host name resolved successfully.
       
      Additional Details
      Testing TCP port 443 on host mail.mycompany.com to ensure it's listening and open.
       The port was opened successfully.
       
      Additional Details
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Additional Details
       
Elapsed Time: 5646 ms.
       
      Test Steps
       
      The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server mail.mycompany.com on port 443.
       The Microsoft Connectivity Analyzer wasn't able to obtain the remote SSL certificate.
       
      Additional Details
       
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Elapsed Time: 5624 ms.

This appears to narrow down the problem. Any advice from here would be most welcome,
Thank you
0
 
LVL 1

Accepted Solution

by:
freshfordian earned 0 total points
ID: 39697724
Hi All

Decided to abandon exchange in favour of Google Apps for Education. No issues since.  I do appreciate your input.  Many thanks.
0
 
LVL 1

Author Closing Comment

by:freshfordian
ID: 39705747
There was no apparent solution forthcoming.  We chose in the end to move away from inhouse exchange to a the cloud-based Google Apps for Education.  I do appreciate thr tips provided but I don't know of any other way to close the question fairly?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A lot of problems and solutions are available on the net for the error message "Source server does not meet minimum requirements for migration" while performing a migration from Small Business Server 2003 to SBS 2008. This error pops up just before …
In the event you manage a Small Business Server 2003, and you are audited for PCI compliance, there are several changes you must make in order to pass the audit. I can take no credit for discovering any of these fixes or workarounds, but there is no…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now