Exchange 2013 OWA External Timing Out
Original Configuration:
Two External IPs (.1,.2)
DNS
mail.domain.com -> .1
remote.domain.com -> .2
webmail.domain.com -> .2
Network Security Appliance
Both IPs come through one WAN port
.2 is the primary
.1 is an alias
Firewall Port Forwarding
.2 (HTTPS, SMTP,POP3,) -> Server 2008 with Exchange 2007
.1 (HTTPS, SMTP, POP3, POP3_995, SMTP_687, HTTP, IMAP_993, IMAP_143) -> Server 2012 R2 with Exchange 2013
MX Records are pointing to -> Server 2012R2 with Exchange 2013
The servers are operating in co-existence. The mailboxes, public folders, etc. are all on the Exchange 2013 server.
OWA to the Exchange 2013 is working.
ActiveSync to the Exchange 2013 is working.
=== Server 2008 with Exchange died ===
I made the following changes.
DNS
Changed mail from pointing to .1 to pointing to .2
Removed the port forwarding (HTTPS, POP3, SMTP) to .2 (Exchange 2007)
Deleted the .1 alias in the firewall
Changed the port forwarding for Exchange 2013 (HTTPS, SMTP, POP3, POP3_995, SMTP_687, HTTP, IMAP_993, IMAP_143) to now respond to .2
POP3 works with Internal Outlook Clients
OWA works internally
ActiveSync works internally
What does not work...
External OWA
External ActiveSync
I tested with the domain name as well as the IP.
HTTP does work. It provides the correct 404 page.
What I get when I access OWA Externally using mail.domain.com/owa
The Outlook Web App screen displays
Starting...
Still working on it ...
Site can't be reached.
Everything works inside but not outside. Any ideas?
Two External IPs (.1,.2)
DNS
mail.domain.com -> .1
remote.domain.com -> .2
webmail.domain.com -> .2
Network Security Appliance
Both IPs come through one WAN port
.2 is the primary
.1 is an alias
Firewall Port Forwarding
.2 (HTTPS, SMTP,POP3,) -> Server 2008 with Exchange 2007
.1 (HTTPS, SMTP, POP3, POP3_995, SMTP_687, HTTP, IMAP_993, IMAP_143) -> Server 2012 R2 with Exchange 2013
MX Records are pointing to -> Server 2012R2 with Exchange 2013
The servers are operating in co-existence. The mailboxes, public folders, etc. are all on the Exchange 2013 server.
OWA to the Exchange 2013 is working.
ActiveSync to the Exchange 2013 is working.
=== Server 2008 with Exchange died ===
I made the following changes.
DNS
Changed mail from pointing to .1 to pointing to .2
Removed the port forwarding (HTTPS, POP3, SMTP) to .2 (Exchange 2007)
Deleted the .1 alias in the firewall
Changed the port forwarding for Exchange 2013 (HTTPS, SMTP, POP3, POP3_995, SMTP_687, HTTP, IMAP_993, IMAP_143) to now respond to .2
POP3 works with Internal Outlook Clients
OWA works internally
ActiveSync works internally
What does not work...
External OWA
External ActiveSync
I tested with the domain name as well as the IP.
HTTP does work. It provides the correct 404 page.
What I get when I access OWA Externally using mail.domain.com/owa
The Outlook Web App screen displays
Starting...
Still working on it ...
Site can't be reached.
Everything works inside but not outside. Any ideas?
is the external IP address for mail.domain.com pointing to your exchange 2013 server. make sure your external autodiscover record and host name record is pointing to the correct IP for your exchange server.
ASKER
The external DNS at Network Solutions has
mail.domain.com
remote.domain.com
autodiscover.domain.com
pointing to the external static IP address. The external IP address is programmed into the network security appliance/router. The network security appliance/firewall port forwards the HTTPS, SMTP, POP3, POP3_995, SMTP_687, HTTP, IMAP_993, IMAP_143 protocols to the Exchange Server internal IP address.
mail.domain.com
remote.domain.com
autodiscover.domain.com
pointing to the external static IP address. The external IP address is programmed into the network security appliance/router. The network security appliance/firewall port forwards the HTTPS, SMTP, POP3, POP3_995, SMTP_687, HTTP, IMAP_993, IMAP_143 protocols to the Exchange Server internal IP address.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yes, the following are forwarded to the CAS -> HTTPS, SMTP, POP3, POP3_995, SMTP_687, HTTP, IMAP_993, IMAP_143
Test using the Remote Connectivity Analyzer and review results.
https://testconnectivity.microsoft.com/
https://testconnectivity.microsoft.com/
ASKER
After working with network security appliance vendor, I was able to confirm that the programming in the gateway firewall is correct. I found out that although programmed correctly, the firewall was not operating as such. I programmed a new firewall device while I let the current one sit powered down. I powered up the current firewall one more time. It worked! I think the memory must have not taken the programming originally and a cold boot with a delayed recycle solved the issue.