Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Exchange OWA and Outlook access over WAN don´t work nearly every day. Outlook via LAN works fine

Posted on 2014-12-11
9
142 Views
Last Modified: 2015-01-18
HI,

nearly every day we are not able toaccess the exchange over OWA or by using Outlooks outside the LAN. Restart the Exchange-services don´t help. There are no helping entries in the eventlog. If i make a "iisreset /restart" everything works fine till next time.
We have a SBS2008 with Exchange2007. All Updates are installed.

Any idea ?
0
Comment
Question by:loosain
  • 4
  • 3
  • 2
9 Comments
 
LVL 8

Expert Comment

by:tshearon
ID: 40494581
Are you using any sort of mail firewall or anti-spam that could be eventually killing it after IIS restarts?
0
 

Author Comment

by:loosain
ID: 40494604
There is Kaspersky installed. Customer wants so...
Antispam there is nothing. Firewall only KAspersky. But it works for ours and then it stops. So i think this couldn´t be a firewall-problem, o could it ?
0
 
LVL 8

Expert Comment

by:tshearon
ID: 40494612
It very well could be. Have you checked the Kapersky logs there when it stops? If it works internal but not external then I would assume there is some sort of firewall/port issue gumming it up.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 19

Assisted Solution

by:Adam Farage
Adam Farage earned 500 total points
ID: 40495380
Its most likely a firewall issue, try turning off Kaspersky for a moment and then testing the HTTPS connection (Outlook Anywhere / Outlook Web App). Furthermore when it is not working I would look at services.msc and make sure IIS is running.

You should look to see if (when the issue is occurring) that the server is binding over TCP 443 by using netstat -anp. If it is, and its available then look at the Kaspersky settings to make sure that it is actually allow TCP 443 through. Local Firewalls are a nightmare for Exchange, but its most likely (by default) disabling TCP 443. Furthermore, check to make sure that Kaspersky is not doing HTTPS inspection (if it even does that).

Last thing but not least is to check the actual Antivirus exclusions. That is a lot to cover, but they are listed below:
http://technet.microsoft.com/en-us/library/bb332342%28v=exchg.141%29.aspx

There is absolutely no exception for these exclusions, and they must be applied.
0
 

Author Comment

by:loosain
ID: 40535592
Sorry its been a while. The problem ist still there. We have already uninstalled antivirus. I made a netstat with this interesting output:


 Es konnten keine Besitzerinformationen ermittelt werden.
  TCP    192.168.2.250:443      tmo-113-94:11611       HERGESTELLT

 Es konnten keine Besitzerinformationen ermittelt werden.
  TCP    192.168.2.250:443      ipservice-092-209-079-174:62827  SYN_EMPFANGEN

 Es konnten keine Besitzerinformationen ermittelt werden.
  TCP    192.168.2.250:443      ipservice-092-209-079-174:62828  SYN_EMPFANGEN

Any idea what this could be ?
0
 
LVL 19

Expert Comment

by:Adam Farage
ID: 40536983
English conversion ? :)
0
 

Author Comment

by:loosain
ID: 40536995
 Es konnten keine Besitzerinformationen ermittelt werden

Means

there could no information be found about
ownership

Hergestellt = connected

Syn_empfangen = syn_received

there are two services listening on local port 443 it looks like for me. Or am i wrong  here?
0
 
LVL 19

Accepted Solution

by:
Adam Farage earned 500 total points
ID: 40537074
That looks wrong honestly. Run the following and post it up here (just pre-translate it, I have yet to find a decent translation program online that is actually correct)..

netstat -anp > C:\Netstat.log
0
 

Author Closing Comment

by:loosain
ID: 40556769
Those programs where ok. I realized that Sharepoint services throw errors every 3 seconds because the db of sharepoint was killed in former times. We dont use sharepoint. So i uninstalled sharepoint services and from this everything was fine...
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
how to add IIS SMTP to handle application/Scanner relays into office 365.

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question