Solved

Trouble Exchange 2013 through IIS ARR

Posted on 2013-11-22
18
3,725 Views
Last Modified: 2016-10-19
Hello,

I've set up an exchange server 2013 on server 2012 which worked perfectly fine at first.
Now i'm trying to route https traffic through IIS ARR so that i can deploy office web apps etc on a single IP adress.

I have set everything up according to;
http://blogs.technet.com/b/exchange/archive/2013/07/19/reverse-proxy-for-exchange-server-2013-using-iis-arr-part-1.aspx

I got everything working, except for RPC Over HTTP.
The error message i am getting when testing through testconnectivity.microsoft.com is;

	Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server 29d3428c-230d-4402-9959-c528c40bf324@mydomain.com.
 	The attempt to ping the endpoint failed.
 	
	Additional Details
 	
An RPC error was thrown by the RPC Runtime process. Error 1818 CallCancelled
Elapsed Time: 31021 ms.

Open in new window


After this i thought i might have to install the feature RPC over HTTP Proxy on my ISS ARR server, but that gave me authentication errors.

Any further help on this would be greatly appreciated.
0
Comment
Question by:tdkoning93
  • 10
  • 7
18 Comments
 
LVL 38

Expert Comment

by:Philip Elder
ID: 39669346
Does OWA show up? https://mail.domain.com/owa?
Make sure you have a reverse proxy site set up on your ARR server for _each_ www.domain.com, email.domain.com, sharepoint.domain.com, ETC.

Also, you need only set up ONE reverse proxy for www.domain.com and say www2.domain.com and others that point to the same IIS server on the back end. You need only edit the host header (bindings) on the reverse proxy site to get all sites to forward to the same page.

Philip
0
 

Author Comment

by:tdkoning93
ID: 39669514
OWA does work, everything works fine. Except for autodiscover through outlook with RPC.
I have my proxy set up for autodiscover.mydomain.com and for mydomain.com for email.

I don't use www, everything works fine through the website except for autodiscover through RPC on outlook.
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 39669591
Using the single IP method you are better off setting up a DNS SRV record to deliver Autodiscover on the Internet.

http://bit.ly/18WtFMl

This eliminates the need to use a UCC certificate as well so reduced costs.

Does EAS work too (Exchange Active Sync) if a device is hooked in without trying to utilize autodiscover?

P.
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 

Author Comment

by:tdkoning93
ID: 39669708
Activesync works fine, so does autodiscover. The only exchange connectivity test i'm having problems with is RPC over HTTP, which is the one i will be needing for Outlook.

I will try the SRV method you told me, will report back today with further information.

Also included a screenshot of the exchange connectivity test.
I should also state that using this method with autodiscover worked fine without IIS ARR.
So i think the problem isn't related to the way i reach autodiscover, but some setting in IIS ARR or authentication of some kind.
ss--2013-11-22-at-07.06.44-.png
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 39670205
Is ARR on the Exchange server?

Philip
0
 

Author Comment

by:tdkoning93
ID: 39670233
No i have it running on a seperate server in my domain.
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 39670244
If all services are working as expected via ARR with the exception of Outlook Anywhere then look to your Exchange IIS configuration for that folder _on_ the Exchange server.

ARR is essentially re-routing packets to Exchange. It does not stop to examine which ones. :)

Philip
0
 

Author Comment

by:tdkoning93
ID: 39673230
I have tried to put an SRV record but it keeps taking the other method as its working fine;
Attempting to test potential Autodiscover URL https://mydomain.com/AutoDiscover/AutoDiscover.xml

Also i wouldn't know what would be wrong with my outlook anywhere since it used to work fine before i put the IIS ARR as a reverse proxy server for exchange.
0
 

Author Comment

by:tdkoning93
ID: 39677557
telnet to port 6001 internal works fine.
Outlook internal works fine.

Its just externally so something in IIS ARR is not relaying it right.
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 39677578
Is the RPC Client service on the Exchange server up? We've seen that service and a few others that will not fire up properly.

Philip
0
 

Author Comment

by:tdkoning93
ID: 39677594
The Microsoft Exchange RPC Client Acces service is up and running. I can also use Outlook when the client is in the same domain. Its not working externally so isn't there some configuration in the IIS ARR server i have done wrong or thats missing?
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 39677649
ARR is really simple.

Take email.domain.com and redirect to server X hosting Exchange/IIS.
Take www.domain.com and redirecto to server Y hosting IIS.

It does not pick protocols since RPC is wrapped in an SSL tunnel (RPC over HTTPS).

Are you able to point that port directly to the Exchange server for testing purposes? If yes, then point 443 to Exchange and see if OA works as expected. If it does not then the problem is elsewhere.

Philip
0
 

Author Comment

by:tdkoning93
ID: 39677759
Works fine without routing through IIS ARR.
Untitled.png
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 39678195
What version IIS/WinServer and what version ARR? Was ARR installed within IIS via the Web App mechanism?

Philip
0
 

Author Comment

by:tdkoning93
ID: 39678338
IIS version 8.0.9
ARR 3.0 through web app platform
0
 

Accepted Solution

by:
tdkoning93 earned 0 total points
ID: 39679093
I got it solved by following;
http://www.msexchange.org/articles-tutorials/exchange-server-2013/mobility-client-access/iis-application-request-routing-part1.html

I think i had something to do with setting the Maximum allowed content length in IIS under Request filtering to 2147483648 and enabling "Use URL Rewrite to inspect incoming Requests" under Routing rules  at my server farm in IIS ARR.

Thanks for your help Phillip.
0
 

Author Closing Comment

by:tdkoning93
ID: 39687942
Thanks to some guidance of the person posting and some further research i found the solution myself on the internet while following a different guide to set-up IIS ARR.
0
 

Expert Comment

by:Michael Wentink
ID: 41849572
Hi ,

do you have any reference of your solution? i am experiencing the same issues with ARR 3.0 on seperate windows 2012 iis server.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Find out what you should include to make the best professional email signature for your organization.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question