CONNECTIVITY TEST FAILED: Testing RPC over HTTP connectivity to server (Exchange Online)

Damian Gardner
Damian Gardner used Ask the Experts™
on
CONNECTIVITY TEST FAILED:  Testing RPC over HTTP connectivity to server exchange.laco.com
       RPC over HTTP connectivity failed.

We're in process of preparing to migrate our Exchange 2010 email server to the Microsoft Cloud, and we're getting this error when we do a connectivity test.  We have our SSL cert in place, and we've opened the required ports (TCP/UDP 6000-6004) on our firewall, as well as verified 443 is open.  In spite of this, we get this error above.  I'm looking for anyone who has maybe experienced this same error and worked thru it.  I did find this suggestion online, but am not sure if I need to mess with my server's "External Hostname".  I found it on Technet:

"The ExRCA tool will check the connection by external settings in Exchange.
And, I suppose that the host name of Outlook Anywhere, run "Get-OutlookAnywhere | FL Identity,*Host*" to check it.

If the ExternalHostName is server.domain.local, change it to webmay.mycompany.com and retest ExRCA again. "

Anybody try this with good results?

Thanks for your help.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Most Valuable Expert 2015
Distinguished Expert 2018

Commented:
Which step is failing exactly? Do you have a valid, externally published autodiscover record for that domain?
MASEE Solution Guide - Technical Dept Head
Most Valuable Expert 2017

Commented:
We need more info to propose a solution.
Where did you see this error?
What are the steps taken to migrate to cloud/exchange online?
Damian GardnerIT Admin

Author

Commented:
sorry - the tool is "Microsoft Remote Connectivity Analyzer" (https://testconnectivity.microsoft.com).  yeah, we added 5 names to our SSL certificate, including "autodiscover.laco.com", which is our domain.  The step it fails at is below (i'll take you thru them):

1) On "Exchange Server" tab, choosing "Outlook Connectivity" option
2) Filling in the following fields for the connectivity test:
Outlook Connectivity
Email address:
dgardner@laco.com
Domain\User Name (or UPN):
(domain)\dgardner
Password:
Confirm password:
 Use Autodiscover to detect server settings
Manually specify server settings
RPC proxy server:
exchange.laco.com
Exchange server:
exchange.laco.com
Mutual authentication principal name:
msstd:exchange.laco.com

3) Click PERFORM TEST

Results in this:

      Connectivity Test Failed
 
Test Details
      Testing Outlook connectivity.
       The Outlook connectivity test failed.
       
      Additional Details
       
Elapsed Time: 232 ms.
       
      Test Steps
       
      Testing RPC over HTTP connectivity to server exchange.laco.com
       RPC over HTTP connectivity failed.
       
      Additional Details
       
HTTP Response Headers:
Content-Length: 58
Content-Type: text/html
Date: Mon, 25 Feb 2019 21:20:49 GMT
Server: Microsoft-IIS/7.5
WWW-Authenticate: Basic realm="exchange.laco.com"
X-Powered-By: ASP.NET
Elapsed Time: 232 ms.
       
      Test Steps
       
      Attempting to resolve the host name exchange.laco.com in DNS.
       The host name resolved successfully.
       
      Additional Details
      Testing TCP port 443 on host exchange.laco.com to ensure it's listening and open.
       The port was opened successfully.
       
      Additional Details
      Testing the SSL certificate to make sure it's valid.
       The certificate passed all validation requirements.
       
      Additional Details
       
      Test Steps
      Checking the IIS configuration for client certificate authentication.
       Client certificate authentication wasn't detected.
       
      Additional Details
      Testing HTTP Authentication Methods for URL https://exchange.laco.com/rpc/rpcproxy.dll?exchange.laco.com:6002.
       The HTTP authentication test failed.
        Tell me more about this issue and how to resolve it
       
      Additional Details
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Damian GardnerIT Admin

Author

Commented:
"exchange.laco.com" is our on-prem Exchange 2010 server, btw
MASEE Solution Guide - Technical Dept Head
Most Valuable Expert 2017

Commented:
Can you please try Outlook Autodiscover as well?
Please make sure 443 is opened in firewall?
What firewall is in use?
Damian GardnerIT Admin

Author

Commented:
yes port 443 is open on our Cisco 5516 ASA.  i am trying outlook autodiscover now...
Damian GardnerIT Admin

Author

Commented:
results are worse when choosing Outlook Autodiscover:


      The Microsoft Connectivity Analyzer is attempting to test Autodiscover for dgardner@laco.com.
       Testing Autodiscover failed.
       
      Additional Details
       
Elapsed Time: 42291 ms.
       
      Test Steps
       
      Attempting each method of contacting the Autodiscover service.
       The Autodiscover service couldn't be contacted successfully by any method.
       
      Additional Details
       
Elapsed Time: 42291 ms.
       
      Test Steps
       
      Attempting to test potential Autodiscover URL https://laco.com:443/Autodiscover/Autodiscover.xml
       Testing of this potential Autodiscover URL failed.
       
      Additional Details
       
      Test Steps
      Attempting to test potential Autodiscover URL https://autodiscover.laco.com:443/Autodiscover/Autodiscover.xml
       Testing of this potential Autodiscover URL failed.
       
      Additional Details
       
      Test Steps
      Attempting to contact the Autodiscover service using the HTTP redirect method.
       The attempt to contact Autodiscover using the HTTP Redirect method failed.
       
      Additional Details
       
      Test Steps
      Attempting to contact the Autodiscover service using the DNS SRV redirect method.
       The Microsoft Connectivity Analyzer failed to contact the Autodiscover service using the DNS SRV redirect method.
       
      Additional Details
       
      Test Steps
      Checking if there is an autodiscover CNAME record in DNS for your domain 'laco.com' for Office 365.
       Failed to validate autodiscover CNAME record in DNS. If your mailbox isn't in Office 365, you can ignore this warning.
        Tell me more about this issue and how to resolve it
       
      Additional Details
EE Solution Guide - Technical Dept Head
Most Valuable Expert 2017
Commented:
You are supposed to get something like this. Make sure your firewall is not blocking 443 traffic.
Make sure 205.178.189.131 is properly NAT on firewall.
Capture5.PNG
Damian GardnerIT Admin

Author

Commented:
Sorry I missed your session request.  I was on another call and didn't see it until now.  i will watch for another one.  thanks.
Damian GardnerIT Admin

Author

Commented:
i am pretty sure 443 traffic is not being blocked.
Damian GardnerIT Admin

Author

Commented:
i guess the connect request does not show itself behind other windows.  so i'm keeping this screen at the forefront for a little while...in case you still have time.
Damian GardnerIT Admin

Author

Commented:
i saw the request...but it says "The expert has left the session."
Damian GardnerIT Admin

Author

Commented:
we figured it out.  had to add a CNAME DNS record for our autodiscover.domain.com name.  We're all good.  thanks for your help though!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial