Posted on 2013-11-18
Last Modified: 2013-12-15
Before we start I have a basic Administrative/Support understanding of Ex 2003/2007/2010

Environment Before Issue
1 x Ex 2003 OWA server (located at the DMZ) I know, not good - Front End
1 x 2003 Bridgehead server (Master)
4 x 2003 Mail Servers

Environment now
1 x 2003 Bridgehead server (Master) - Now the Front End - Firewall points directly to this server
4 x 2003 Mail Servers - no changes made
1 x Ex 2010 Hub/Cas Server - Introduced in view of migrating 2003 to 2010

What happened between the above Before & After
The OWA server was located at a COLO site hosting DMZ servers; we then moved all DMZ servers, including the OWA, to a new site. Same COLO hosting services company and no internal/external IP changes necessary. I have since decommissioned the OWA server, which is now not part of the Exchange environment.

WebMail was working fine before the move and then when I tested WebMail at the new site we received the HTTP 500 Error, Page cannot be displayed. All other DMZ servers are fine and Exchange internally and externally is fine, just WebMail failing.

Also, we have implemented a new Exchange 2010 server just before the DMZ move so that is currently in a status of coexistence and I have a couple of LIVE mailboxes migrated across and both users have full Active Sync and Web App services.

So long story short, 1,000 users on Ex 2003 have Active Sync services on their mobiles but no WebMail access. The best solution here would be to continue with the 2003 - 2010 migration as we know that works but that is going to take a few weeks so I need to provide WebMail services to 1,000 users via Ex 2003.

I have checked Virtual Directories, Firewall Rules and other settings, but am happy to start again from ground zero and maybe cover the basics again, as all mail services are functioning as they should be other than WebMail.

In advance thank you for your support.
Question by:CTCRM

Expert Comment

by:Simon Butler (Sembee)
ID: 39656227
Offering to pay for assistance outside of the site is against the rules of the site.

I presume you have checked the legacyURL configuration is correct on Exchange 2010? If so then your problem is the server in the DMZ.

I would suggest that you build a new Frontend Exchange 2003 server that is inside the firewall. Then configure that with the legacy address, adjusting DNS etc as required. Then remove that server that is in the DMZ using add/remove programs.

OWA doesn't proxy, it redirects. ActiveSync goes over the proxy.


Author Comment

ID: 39656268
Hi Simon

The OWA server that was in the DMZ has been uninstalled from the Exchange environment and the firewall now points directly at the Ex Bridge Server which is now the Front End server.

Is the above a correct setup? And should I now configure the Bridge Server with the Legacy address?

If OWA redirects and the requests come straight in to the Bridge where does/should the Bridge redirect the requests to?

Expert Comment

by:Simon Butler (Sembee)
ID: 39657993
All you have to do is get the traffic to the frontend server. Exchange 2003 then does the rest. Have you checked the frontend server is actually working correctly? You should be able to connect to it directly and access OWA. If that isn't happening then the problem is there.

The most common issue with frontend servers is a version mismatch between the frontend and the backend.


Author Comment

ID: 39659278
Hi Simon

I've managed to do the following:

running a web browser internally for provides me with the Outlook Web Access logon screen and

running a web browser externally for provides me with the Outlook Web Access logon screen.

However, when logging on using a test account with an associated Ex2003 mailbox, entering domain\username and password, the OL Web Access logon screen just refreshes, clearing the credentials from the fields.

Is this permissions and/or login settings at the properties of the owaauth.dll or owalogon.asp level?

Accepted Solution

CTCRM earned 0 total points
ID: 39659293
I'm not sure what authentication method settings should be set on the Front End Bridgehead server in terms of the ExchWeb>bin>auth>owaauth or owalogon!

Should I have 'Enable anonymous access' check box ticked, Integrated Windows authentication?

And also with regards to the owaauth.dll Properties>File (tab)> should I have the local resource pointing to 'The designated file', or, 'A redirection to a URL'?

I wouldn't have thought the Redirection to a URL should be used if the Bridgehead server is acting as a proxy for EX 2003 traffic.

Author Closing Comment

ID: 39719710


Question has a verified solution.
