OWA and Activesync not working (Exchange 2007)

This is the result of "get-WebServicesVirtualDirectory |fl"

I changed the actual names of the server and domain. I hope this helps.


InternalNLBBypassUrl                        : https://myserver.mydomain.local/EWS/Exchange.asmx
Name                                                   : EWS (SBS Web Applications)
InternalAuthenticationMethods        : {Ntlm, WindowsIntegrated, Basic}
ExternalAuthenticationMethods        : {Ntlm, WindowsIntegrated, Basic}
BasicAuthentication                            : True
DigestAuthentication                          : False
WindowsAuthentication                     : True
MetabasePath                                     : IIS://myserver.mydomain.local/W3SVC/3/ROOT/EWS
Path                                                     : C:\Program Files\Microsoft\Exchange Server\ClientAccess\exchweb\EWS
Server                                                  : myserver
InternalUrl                                          : https://remote.mydomain.com/ews/exchange.asmx
ExternalUrl                                          : https://remote.mydomain.com/EWS/Exchange.asmx
AdminDisplayName                           :
ExchangeVersion                                : 0.1 (8.0.535.0)
DistinguishedName                           : CN=EWS (SBS Web                           Applications),CN=HTTP,CN=Protocols,CN=myserver,CN=Servers,CN=Exchange Admin
                                istrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=Mic
                                rosoft Exchange,CN=Services,CN=Configuration,DC=mydomain,DC=local
Identity                                              : myserver\EWS (SBS Web Applications)
Guid                                                  : 59a0ec7b-2c08-4ebc-933c-2eed23b91d85
ObjectCategory                                : mydomain.local/Configuration/Schema/ms-Exch-Web-Services-Virtual-Directory
ObjectClass                                      : {top, msExchVirtualDirectory, msExchWebServicesVirtualDirectory}
WhenChanged                                   : 8/8/2014 7:07:59 PM
WhenCreated                                     : 3/27/2010 6:53:16 PM
OriginatingServer                               : myserver.mydomain.local
IsValid                                                  : True

Erm..

Two things:

1) is there an internal forwarding lookup zone for mydomain.com? This is important, since your actual domain is .local, and although it would work the issue here is that your traffic would go outside and then swing on in..

2) Is your PUBLIC DNS A records for remote.mydomain.com set properly?

3) Dont just recycle the IIS virtual directory, that sometimes wont fix this. Run the following:

IISRESET /NOFORCE

Select allOpen in new window

Once this is done, retest.

Thanks for the response Adam.

1) There is a forward lookup zone for remote.mydomain.com, not mydomain.com.
2) I believe the PUBLIC DNS A record is set properly. It has not been changed and was working prior to this. Should it have been modified?
3) I performed the IISRESET /NOFORCE. Symptoms remain the same.

the forward lookup zone should be (technically) mydomain.com. This would allow you to add the autodiscover.mydomain.com and remote.mydomain.com in there. Since you said you had .local before, I would expect this not to exist unless you did a split domain setup previously.

The last thing I would check is the firewall / DNS. It is hard to troubleshoot this without the real FQDN for us to do some testing, but check out testexchangeconnectivity.com and let us know what those reports show as.

Thanks again Adam. I really need to get this working so here is the real FQDN: remote.whitestarllc.com

The Microsoft Connectivity Analyzer is testing Exchange ActiveSync.
The Exchange ActiveSync test failed.
Additional Details
Elapsed Time: 4177 ms.
Test Steps
Attempting the Autodiscover and Exchange ActiveSync test (if requested).
Testing of Autodiscover for Exchange ActiveSync failed.
Additional Details
Elapsed Time: 4173 ms.
Test Steps
Attempting each method of contacting the Autodiscover service.
The Autodiscover service couldn't be contacted successfully by any method.
Additional Details
Elapsed Time: 4173 ms.
Test Steps
Attempting to test potential Autodiscover URL https://whitestarllc.com:443/Autodiscover/Autodiscover.xml
Testing of this potential Autodiscover URL failed.
Additional Details
Elapsed Time: 745 ms.
Test Steps
Attempting to resolve the host name whitestarllc.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 192.185.144.27
Elapsed Time: 281 ms.
Testing TCP port 443 on host whitestarllc.com to ensure it's listening and open.
The port was opened successfully.
Additional Details
Elapsed Time: 237 ms.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Additional Details
Elapsed Time: 226 ms.
Test Steps
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server whitestarllc.com on port 443.
The Microsoft Connectivity Analyzer wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Elapsed Time: 161 ms.
Attempting to test potential Autodiscover URL https://autodiscover.whitestarllc.com:443/Autodiscover/Autodiscover.xml
Testing of this potential Autodiscover URL failed.
Additional Details
Elapsed Time: 758 ms.
Test Steps
Attempting to resolve the host name autodiscover.whitestarllc.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 192.185.144.27
Elapsed Time: 268 ms.
Testing TCP port 443 on host autodiscover.whitestarllc.com to ensure it's listening and open.
The port was opened successfully.
Additional Details
Elapsed Time: 275 ms.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Additional Details
Elapsed Time: 214 ms.
Test Steps
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server autodiscover.whitestarllc.com on port 443.
The Microsoft Connectivity Analyzer wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Elapsed Time: 154 ms.
Attempting to contact the Autodiscover service using the HTTP redirect method.
The attempt to contact Autodiscover using the HTTP Redirect method failed.
Additional Details
Elapsed Time: 2589 ms.
Test Steps
Attempting to resolve the host name autodiscover.whitestarllc.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 192.185.144.27
Elapsed Time: 34 ms.
Testing TCP port 80 on host autodiscover.whitestarllc.com to ensure it's listening and open.
The port was opened successfully.
Additional Details
Elapsed Time: 126 ms.
The Microsoft Connectivity Analyzer is checking the host autodiscover.whitestarllc.com for an HTTP redirect to the Autodiscover service.
The redirect (HTTP 301/302) response was received successfully.
Additional Details
Redirect URL: https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xmlHTTP Response Headers: Connection: keep-alive Content-Length: 0 Content-Type: application/xml Date: Mon, 11 Aug 2014 13:26:05 GMT Location: https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml Server: nginx/1.6.1
Elapsed Time: 278 ms.
Attempting to test potential Autodiscover URL https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml
Testing of this potential Autodiscover URL failed.
Additional Details
Elapsed Time: 2150 ms.
Test Steps
Attempting to resolve the host name cpanelemaildiscovery.cpanel.net in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 208.74.123.82, 208.74.124.130, 208.74.124.133, 208.74.125.50, 208.74.125.51
Elapsed Time: 170 ms.
Testing TCP port 443 on host cpanelemaildiscovery.cpanel.net to ensure it's listening and open.
The port was opened successfully.
Additional Details
Elapsed Time: 162 ms.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Additional Details
Elapsed Time: 384 ms.
Test Steps
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server cpanelemaildiscovery.cpanel.net on port 443.
The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=*.cpanel.net, OU=Domain Control Validated, Issuer: CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
Elapsed Time: 241 ms.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
The host name that was found, cpanelemaildiscovery.cpanel.net, is a wildcard certificate match for common name *.cpanel.net.
Elapsed Time: 0 ms.
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Test Steps
The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=*.cpanel.net, OU=Domain Control Validated.
One or more certificate chains were constructed successfully.
Additional Details
A total of 2 chains were built. The highest quality chain ends in root certificate OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
Elapsed Time: 44 ms.
Analyzing the certificate chains for compatibility problems with versions of Windows.
Potential compatibility problems were identified with some versions of Windows.
Additional Details
The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.
Elapsed Time: 6 ms.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 4/29/2014 3:54:32 PM, NotAfter = 10/18/2016 5:19:12 AM
Elapsed Time: 0 ms.
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Elapsed Time: 291 ms.
Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
Additional Details
Elapsed Time: 1141 ms.
Test Steps
The Microsoft Connectivity Analyzer is attempting to retrieve an XML Autodiscover response from URL https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml for user mkelly@whitestarllc.com.
The Autodiscover XML response was successfully retrieved.
Additional Details
An HTTPS redirect was received in response to the Autodiscover request. The redirect URL is https://exchange.whitestarllc.com/autodiscover/autodiscover.xml.HTTP Response Headers: Connection: close Content-Length: 0 Content-Type: text/xml Date: Mon, 11 Aug 2014 13:26:04 GMT Location: https://exchange.whitestarllc.com/autodiscover/autodiscover.xml Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.5 Perl/v5.8.8
Elapsed Time: 348 ms.
Attempting to test potential Autodiscover URL https://exchange.whitestarllc.com/autodiscover/autodiscover.xml
Testing of this potential Autodiscover URL failed.
Additional Details
Elapsed Time: 792 ms.
Test Steps
Attempting to resolve the host name exchange.whitestarllc.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 192.185.144.27
Elapsed Time: 370 ms.
Testing TCP port 443 on host exchange.whitestarllc.com to ensure it's listening and open.
The port was opened successfully.
Additional Details
Elapsed Time: 233 ms.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Additional Details
Elapsed Time: 188 ms.
Test Steps
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server exchange.whitestarllc.com on port 443.
The Microsoft Connectivity Analyzer wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Elapsed Time: 124 ms.
Attempting to contact the Autodiscover service using the DNS SRV redirect method.
The Microsoft Connectivity Analyzer failed to contact the Autodiscover service using the DNS SRV redirect method.
Additional Details
Elapsed Time: 80 ms.
Test Steps
Attempting to locate SRV record _autodiscover._tcp.whitestarllc.com in DNS.
The Autodiscover SRV record wasn't found in DNS.
Tell me more about this issue and how to resolve it
Additional Details
Elapsed Time: 80 ms.

I created the forward lookup zone of whitestarllc.com and placed these Host (A)'s in it:

remote
wsdc
autodiscover

all with the same internal IP.

Is that correct?

What's bothering me about this is that when I go to https://localhost/owa I'm getting "Server Error in Application 'Default Web Site'  - HTTP Error 404.0 - Not found.

If it's not working internally it certainly cannot work externally, right?

Correct, but when I go to autodiscover.company.com/autodiscover/autodiscover.xml I get the following error:

(Error code: ssl_error_rx_record_too_long)

I have never seen this error before, which shocks me honestly. I will look into that error, but I would recommend you look at that also. I would also recommend resetting the OWA virtual directory (http://technet.microsoft.com/en-us/library/ff629372%28v=exchg.141%29.aspx). Once that is done, reconfigure the OWA virtual directory.

Thanks for sticking with me :-) I'm trying to reset the OWA virtual directory using the EMC portion of the instructions you provided. In step #2 it says: "In the action pane, click Reset Client Access Virtual Directory."

That option is not there. See attached.
OWAVD.PNG

Progress...

I deleted and recreated the OWA Virtual Directory using Remove-OwaVirtualDirectory “owa (Default Web Site)” & New-OwaVirtualDirectory -OwaVersion “Exchange2007″ -Name “owa (Default Web Site)”

Then I configured the new one with the appropriate internal and external URLs.

OWA is now working.

Still trying to get ActiveSync to work though.