Solved

on premise exchange 2013 behind sonicwall tz215 with no external owa access

Posted on 2015-01-14
3
236 Views
Last Modified: 2015-01-20
I've got a new on premise exchange 2013 setup behind a sonicwall tz215. Mail is flowing in and out, and https://mail.domain.com/owa works internally, but not externally. DNS appears to be corrrect as everywhere I can think of to check resolves to the proper external IP. As for the sonicwall, I just ran the wizard once for mail server, and once for web server to open the needed ports. I also disabled external web management and set the default http and ssl ports to 81 and 4430 respectively. I can't for the life of me figure out which I can't access owa externally. I believe it may be hampering the autodiscover record process as well, as autodiscover works internally but not externally. A records are in place and correct with the domain host. A proper cert from godaddy is in place and installed, and as I said, mail flows just fine. I don't think its an IIS issue since I can open the site internally, so I'm really leaning towards the firewall. Any suggestions at all would be greatly, greatly appreciated.
0
Comment
Question by:sdholden28
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 19

Expert Comment

by:suriyaehnop
ID: 40550433
On your public DNS, make sure there a records for mail.domain.com and point to external IP address of your sonicwall.
- say mail.domain.com point 202.141.2.1

From your sonicwall, configure NAT (Network Address Translation) to translate 202.141.2.1 to your Microsoft CAS server.

I think your network engineer able to help you with this.
0
 

Accepted Solution

by:
sdholden28 earned 0 total points
ID: 40552217
I ended up contacting sonicwall support since the support agreement is still active, and after double verifying everything else. Sonicwall engineer agreed that the config was good, but packet capture showed dropped packes and no traffice for the http/https rules. He deleted the rules created by the wizard and recreated them. He also gave the new rules highest priority. This resolved the issue.
0
 

Author Closing Comment

by:sdholden28
ID: 40559329
Only one other solution was posted, which had already been done and clearly stated in the question. I resolved the issue myself.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question