Before we start I have a basic Administrative/Support understanding of Ex 2003/2007/2010

Environment Before Issue
1 x Ex 2003 OWA server (located at the DMZ) I know, not good - Front End
1 x 2003 Bridgehead server (Master)
4 x 2003 Mail Servers

Environment now
1 x 2003 Bridgehead server (Master) - Now the Front End - Firewall points directly to this server
4 x 2003 Mail Servers - no changes made
1 x Ex 2010 Hub/Cas Server - Introduced in view of migrating 2003 to 2010

What happened between the above Before & After
The OWA server was located at a COLO site hosting DMZ servers, we then moved all DMZ servers including the OWA to a new site. Same COLO hosting services company and no internal/external IP changes necessary. I have since decommissioned the OWA server which is now not part of the Exchange environment.

WebMail was working fine before the move and then when I tested WebMail at the new site we received the HTTP 500 Error, Page cannot be displayed. All other DMZ servers are fine and Exchange internally and externally is fine, just WebMail failing.

Also, we have implemented a new Exchange 2010 server just before the DMZ move so that is currently in a status of coexistence and I have a couple of LIVE mailboxes migrated across and both users have full Active Sync and Web App services.

So long story short, 1,000 users on Ex 2003 have Active Sync services on their mobiles but no WebMail access. The best solution here would be to continue with the 2003 - 2010 migration as we know that works but that is going to take a few weeks so I need to provide WebMail services to 1,000 users via Ex 2003.

I have checked Virtual Directories, Firewall Rules and other settings but happy to start again from ground zero and maybe cover the basics again as all mail services are functioning as they should be other than WebMail.

In advance thank you for your support.
CTCRM Infrastructure Engineer Asked:
CTCRM Infrastructure Engineer Author Commented:
I'm not sure what authentication method settings should be set on the Front End Bridgehead server in terms of the ExchWeb>bin>auth>owaauth or owalogon!

Should I have 'Enable anonymous access' check box ticked, Integrated Windows authentication?

And also with regards to the owaauth.dll Properties>File (tab)> should I have the local resource pointing to 'The designated file', or, 'A redirection to a URL'?

I wouldn't have thought the Redirection to a URL should be used if the Bridgehead server is acting as a proxy for EX 2003 traffic.
Simon Butler (Sembee) Consultant Commented:
Offering to pay for assistance outside of the site is against the rules of the site.

I presume you have checked the legacyURL configuration is correct on Exchange 2010? If so then your problem is the server in the DMZ.

I would suggest that you build a new Frontend Exchange 2003 server that is inside the firewall. Then configure that with the legacy address, adjusting DNS etc as required. Then remove that server that is in the DMZ using add/remove programs.

OWA doesn't proxy, it redirects. ActiveSync goes over the proxy.

CTCRM Infrastructure Engineer Author Commented:
Hi Simon

The OWA server that was in the DMZ has been uninstalled from the Exchange environment and the firewall now points directly at the Ex Bridge Server which is now the Front End server.

Is the above a correct setup? And should I now configure the Bridge Server with the Legacy address?

If OWA redirects and the requests come straight in to the Bridge where does/should the Bridge redirect the requests to?
Simon Butler (Sembee) Consultant Commented:
All you have to do is get the traffic to the frontend server. Exchange 2003 then does the rest. Have you checked the frontend server is actually working correctly? You should be able to connect to it directly and access OWA. If that isn't happening then the problem is there.

The most common issue with frontend servers is a version mismatch between the frontend and the backend.

CTCRM Infrastructure Engineer Author Commented:
Hi Simon

I've managed to do the following:

running a web browser internally for webmail.domain.co.uk/exchweb/bin/auth.owalogon.asp provides me with the Outlook Web Access logon screen and

running a web browser externally for webmail.domain.co.uk/exchweb/bin/auth.owalogon.asp provides me with the Outlook Web Access logon screen.

However, when logging on using a test account with an associated Ex2003 mailbox, entering domain\username and password, the OL Web Access logon screen just refreshes, clearing the credentials from the fields.

Is this permissions and/or login settings at the properties of the owaauth.dll or owalogon.asp level?