Solved

on premise exchange 2013 behind sonicwall tz215 with no external owa access

Posted on 2015-01-14
3
225 Views
Last Modified: 2015-01-20
I've got a new on premise exchange 2013 setup behind a sonicwall tz215. Mail is flowing in and out, and https://mail.domain.com/owa works internally, but not externally. DNS appears to be corrrect as everywhere I can think of to check resolves to the proper external IP. As for the sonicwall, I just ran the wizard once for mail server, and once for web server to open the needed ports. I also disabled external web management and set the default http and ssl ports to 81 and 4430 respectively. I can't for the life of me figure out which I can't access owa externally. I believe it may be hampering the autodiscover record process as well, as autodiscover works internally but not externally. A records are in place and correct with the domain host. A proper cert from godaddy is in place and installed, and as I said, mail flows just fine. I don't think its an IIS issue since I can open the site internally, so I'm really leaning towards the firewall. Any suggestions at all would be greatly, greatly appreciated.
0
Comment
Question by:sdholden28
  • 2
3 Comments
 
LVL 18

Expert Comment

by:suriyaehnop
ID: 40550433
On your public DNS, make sure there a records for mail.domain.com and point to external IP address of your sonicwall.
- say mail.domain.com point 202.141.2.1

From your sonicwall, configure NAT (Network Address Translation) to translate 202.141.2.1 to your Microsoft CAS server.

I think your network engineer able to help you with this.
0
 

Accepted Solution

by:
sdholden28 earned 0 total points
ID: 40552217
I ended up contacting sonicwall support since the support agreement is still active, and after double verifying everything else. Sonicwall engineer agreed that the config was good, but packet capture showed dropped packes and no traffice for the http/https rules. He deleted the rules created by the wizard and recreated them. He also gave the new rules highest priority. This resolved the issue.
0
 

Author Closing Comment

by:sdholden28
ID: 40559329
Only one other solution was posted, which had already been done and clearly stated in the question. I resolved the issue myself.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now