How do i setup external access for OWA?

Hello, I am in need of assistance for our users to be able to access their email externally. OWA is enabled and the external URL shows in the OWA Properties dialog box..  https://mail.company.com/  ..
if you type in the address you receive an error stating the webpage is not available, Err_connection_refused (chrome browser, off domain)
***(please note when it comes to DNS, i understand what it is but as far as configuring it properly, well... i know enough to blow myself up, please be specific when addressing these issues...)

-Our webhost shows an A record of mail.company.com pointing to our public ip address as well as an MX Record with the host as company.com pointing to mail.company.com

-Internal DNS does not show any records for this in the forward lookup zones -Does a record need created?

This is as far as I know how/where to look. I don't know what previous IT had completed or how to check if it was ever setup/properly.. They (users) say they've never known it was possible to access externally...  (Internal OWA does work)
Server 2008 R2
Exchange 2010
Thank you!
BriPCAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

smckeown777Commented:
In the Exchange console under Server Config, Client access you should see

https://mail.company.com/owa

From outside your network are you browsing to that address(including the owa at end)? You need owa at end...

Also - was this working previously or not?
BriPCAuthor Commented:
that is how it shows as the address and that is what is being typed in exactly as that..
Don't believe it ever was working... or setup for that matter.. The steps that have been taken are ones that I have. outside of that, i don't believe anyone has..
smckeown777Commented:
Ok, so you now need to check if your router is allowing access to OWA...

Use this site - http://www.canyouseeme.org/

It will auto detect your public IP(do this from inside your network obviously)
Put in port 443 - is that showing Ok/Pass status?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Jeff GloverSr. Systems AdministratorCommented:
You can also check by using telnet from outside the company. telnet <your public dns name or IP> 443. If it connects (will probably go to a blank screen), then your server is probably listening and the router is fine. Make sure you check your IIS settings. The default website should not have a host header name on it. Also, two IIS things. IF you want users to be able to connect by typing http://mail.company.com only, then you need to remove the Require SSL from the Default Website (make sure it is on the OWA virtual directory) and then set an IIS redirect on the site to https://mail.company.com/owa. Make sure to select this site only. Then make sure there are no redirects on the virtual directories.
Lastly, you can use the Microsoft Remote Connectivity test to further troubleshoot
https://testconnectivity.microsoft.com/
BriPCAuthor Commented:
@smckeown777
error: cannot see your service on port 443 ..
smckeown777Commented:
Right, so you've a router/firewall issue(where you are not forwarding ports from your external IP to your internal...)

You didn't answer my previous question - was this working previously or is this a new install?
BriPCAuthor Commented:
@smckeown777 - my apologies, new install.. will login to the firewall
smckeown777Commented:
Ok so you need 'port forwarding' and firewall ports opened for 443
Port forwarding needs your WAN IP to point to your internal servers IP address...

After that you should be good to go I think
BriPCAuthor Commented:
Opened port in firewall and set NAT. accessible through external! Thank you!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.