RPC Proxy can't be pinged

wayne70
wayne70 used Ask the Experts™
on
Outlook anywhere in Exchange 2016 seems to be working via https but if I close outlook and re-open it it says the server is not available.  If I remove the Exchange account from outlook and configure it new everything works until I restart outlook and the problem starts all over again.
Here is the output of the outlook connectivity tester:


RPC Proxy can't be pinged.
       
      Additional Details
       
An unexpected network-level exception was encountered. Exception details:
Message: The remote server returned an error: (401) Unauthorized.
Type: Microsoft.Exchange.Tools.ExRca.Extensions.MapiTransportException
Stack trace:
at Microsoft.Exchange.Tools.ExRca.Extensions.MapiRpcTestClient.PingProtocolProxy(String endpointIdentifier)
at Microsoft.Exchange.Tools.ExRca.Tests.MapiPingProxyTest.PerformTestReally()
Exception details:
Message: The remote server returned an error: (401) Unauthorized.
Type: System.Net.WebException
Stack trace:
at System.Net.HttpWebRequest.GetResponse()
at RpcPingLib.RpcPing.PingProxy(String internalServerFqdn, String endpoint)
at Microsoft.Exchange.Tools.ExRca.Extensions.MapiRpcTestClient.PingProtocolProxy(String endpointIdentifier)
Elapsed Time: 515 ms.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Adam BrownSenior Systems Admin
Top Expert 2010

Commented:
Run get-outlookanywhere | fl on the Exchange server and verify the internal and external URLs are valid (they should also be the same). Once that's done, open your DNS configuration and make sure there aren't multiple IP addresses assigned to the host name in the OutlookAnywhere URLs. You may be running into a DNS round robin issue.

Author

Commented:
The command shows the external and internal hostnames are valid but they are different.  The internal name resolves to the private IP of the server and the external name resolves to the Public IP of the server.  How do I go about making them the same and should they point to the private or the public address for outlookanywhere to work?
Senior Systems Admin
Top Expert 2010
Commented:
It's a best practice to make sure both names are the same, but it isn't a requirement. With different names, you may be running into issues with autodiscover referring Outlook to the incorrect URL for the workstation's current location. I suspect that your router/firewall is not properly configured to allow Internal Network clients to connect to the public IP address of the mail server, which, if you have different URLs for Outlook Anywhere, a referral to the External IP address's URL would cause connectivity failure for internal clients, and domain-joined computers could run into the same problem going outside the network.

To check if this is the problem, try to connect to your mail server in a web browser on an internal network computer using https://<Public IP address>/owa and see if it connects. If it doesn't connect, you're most likely dealing with the issue I mentioned.

To resolve that, you can do one of two things after making sure both URLs in the Autodiscover config match:
1. Create an Internal DNS record for the URL that points to the Internal IP address of the mail server. You can do this with an internal only version of the DNS forward lookup zone, or you can use Pinpoint DNS to create the record. Pinpoint DNS makes it so you don't have to manually copy the records for your Public domain into the internal copy of that domain. You can create a pinpoint DNS record by creating a new Primary DNS zone that uses the full host name of the mail server, so for mail.contoso.com you would create a primary zone that uses mail.contoso.com. When the zone is created, you would create an A record that points to the mail server's internal IP address and use no additional host name for the record, so it uses the "Same as parent" option (google windows pinpoint DNS for more specific instructions).
2. Reconfigure your firewall/router so it will allow internal clients to access public IP addresses. I can't give instructions for this one, since it depends on the manufacturer.

Author

Commented:
Adam thank you so much for your help with this issue.  I corrected the problem with the Connectivity Tester.  The tester passes with minor issues (certificate may not work on windows phone) not a problem in this environment.  Outlook clients are now connecting and working fine.  When outlook is closed and re-opened it's able to reconnect without a problem.  (internally and externally) On some outlook clients from the external I had to remove the exchange account and re-add it.  After that everything worked fine. Here are the steps I took:

I made it so the urls for the internal and the external match (example: mail.contoso.com)  under server > server > name of server to change > outlook Anywhere
I then created a new DNS zone (contoso.com) and added the an "A" record for the newly added url.  Now the internal clients resolve the url mail.contoso.com to the private address of the exchange server and the external clients resolve the url mail.contoso.com to the public IP of the server.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial