Solved

on premise exchange 2013 behind sonicwall tz215 with no external owa access

Posted on 2015-01-14
3
239 Views
Last Modified: 2015-01-20
I've got a new on premise exchange 2013 setup behind a sonicwall tz215. Mail is flowing in and out, and https://mail.domain.com/owa works internally, but not externally. DNS appears to be corrrect as everywhere I can think of to check resolves to the proper external IP. As for the sonicwall, I just ran the wizard once for mail server, and once for web server to open the needed ports. I also disabled external web management and set the default http and ssl ports to 81 and 4430 respectively. I can't for the life of me figure out which I can't access owa externally. I believe it may be hampering the autodiscover record process as well, as autodiscover works internally but not externally. A records are in place and correct with the domain host. A proper cert from godaddy is in place and installed, and as I said, mail flows just fine. I don't think its an IIS issue since I can open the site internally, so I'm really leaning towards the firewall. Any suggestions at all would be greatly, greatly appreciated.
0
Comment
Question by:sdholden28
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 19

Expert Comment

by:suriyaehnop
ID: 40550433
On your public DNS, make sure there a records for mail.domain.com and point to external IP address of your sonicwall.
- say mail.domain.com point 202.141.2.1

From your sonicwall, configure NAT (Network Address Translation) to translate 202.141.2.1 to your Microsoft CAS server.

I think your network engineer able to help you with this.
0
 

Accepted Solution

by:
sdholden28 earned 0 total points
ID: 40552217
I ended up contacting sonicwall support since the support agreement is still active, and after double verifying everything else. Sonicwall engineer agreed that the config was good, but packet capture showed dropped packes and no traffice for the http/https rules. He deleted the rules created by the wizard and recreated them. He also gave the new rules highest priority. This resolved the issue.
0
 

Author Closing Comment

by:sdholden28
ID: 40559329
Only one other solution was posted, which had already been done and clearly stated in the question. I resolved the issue myself.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question