Solved

Exchange OWA and Outlook access over WAN don´t work nearly every day. Outlook via LAN works fine

Posted on 2014-12-11
9
133 Views
Last Modified: 2015-01-18
HI,

nearly every day we are not able toaccess the exchange over OWA or by using Outlooks outside the LAN. Restart the Exchange-services don´t help. There are no helping entries in the eventlog. If i make a "iisreset /restart" everything works fine till next time.
We have a SBS2008 with Exchange2007. All Updates are installed.

Any idea ?
0
Comment
Question by:loosain
  • 4
  • 3
  • 2
9 Comments
 
LVL 8

Expert Comment

by:tshearon
ID: 40494581
Are you using any sort of mail firewall or anti-spam that could be eventually killing it after IIS restarts?
0
 

Author Comment

by:loosain
ID: 40494604
There is Kaspersky installed. Customer wants so...
Antispam there is nothing. Firewall only KAspersky. But it works for ours and then it stops. So i think this couldn´t be a firewall-problem, o could it ?
0
 
LVL 8

Expert Comment

by:tshearon
ID: 40494612
It very well could be. Have you checked the Kapersky logs there when it stops? If it works internal but not external then I would assume there is some sort of firewall/port issue gumming it up.
0
 
LVL 19

Assisted Solution

by:Adam Farage
Adam Farage earned 500 total points
ID: 40495380
Its most likely a firewall issue, try turning off Kaspersky for a moment and then testing the HTTPS connection (Outlook Anywhere / Outlook Web App). Furthermore when it is not working I would look at services.msc and make sure IIS is running.

You should look to see if (when the issue is occurring) that the server is binding over TCP 443 by using netstat -anp. If it is, and its available then look at the Kaspersky settings to make sure that it is actually allow TCP 443 through. Local Firewalls are a nightmare for Exchange, but its most likely (by default) disabling TCP 443. Furthermore, check to make sure that Kaspersky is not doing HTTPS inspection (if it even does that).

Last thing but not least is to check the actual Antivirus exclusions. That is a lot to cover, but they are listed below:
http://technet.microsoft.com/en-us/library/bb332342%28v=exchg.141%29.aspx

There is absolutely no exception for these exclusions, and they must be applied.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:loosain
ID: 40535592
Sorry its been a while. The problem ist still there. We have already uninstalled antivirus. I made a netstat with this interesting output:


 Es konnten keine Besitzerinformationen ermittelt werden.
  TCP    192.168.2.250:443      tmo-113-94:11611       HERGESTELLT

 Es konnten keine Besitzerinformationen ermittelt werden.
  TCP    192.168.2.250:443      ipservice-092-209-079-174:62827  SYN_EMPFANGEN

 Es konnten keine Besitzerinformationen ermittelt werden.
  TCP    192.168.2.250:443      ipservice-092-209-079-174:62828  SYN_EMPFANGEN

Any idea what this could be ?
0
 
LVL 19

Expert Comment

by:Adam Farage
ID: 40536983
English conversion ? :)
0
 

Author Comment

by:loosain
ID: 40536995
 Es konnten keine Besitzerinformationen ermittelt werden

Means

there could no information be found about
ownership

Hergestellt = connected

Syn_empfangen = syn_received

there are two services listening on local port 443 it looks like for me. Or am i wrong  here?
0
 
LVL 19

Accepted Solution

by:
Adam Farage earned 500 total points
ID: 40537074
That looks wrong honestly. Run the following and post it up here (just pre-translate it, I have yet to find a decent translation program online that is actually correct)..

netstat -anp > C:\Netstat.log
0
 

Author Closing Comment

by:loosain
ID: 40556769
Those programs where ok. I realized that Sharepoint services throw errors every 3 seconds because the db of sharepoint was killed in former times. We dont use sharepoint. So i uninstalled sharepoint services and from this everything was fine...
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now