C Y
asked on
Exchange 2016 can't access OWA from external?
Hi Expert,
I have setup ms exchange 2016 in my company environment, done configured SSL and setup all virtual directory internal and external url as exchange.company.com, but I still can't land on https://exchange.company.com/owa when using public network. Is there anything missing in my below configuration?
Currently the network environment is Internet > Link Controller > Exchange
In internal DNS
- Host A records for Exchange Server pointed to internal IP address (192.X.X.X)
- Host A records for autodiscover.company.com pointed to exchange internal IP (192.X.X.X)
- MX records for exchange.company.com
In external DNS
- Host A records for autodiscover.company pointed to external IP of exchange server
- Host A records for exchange pointed to external IP of exchange server
Using public network i'm able to ping exchange.company.com and autodiscover.company.com that resolve to the external IP of my exchange server.
Any thing else i can check?
Thanks!
I have setup ms exchange 2016 in my company environment, done configured SSL and setup all virtual directory internal and external url as exchange.company.com, but I still can't land on https://exchange.company.com/owa when using public network. Is there anything missing in my below configuration?
Currently the network environment is Internet > Link Controller > Exchange
In internal DNS
- Host A records for Exchange Server pointed to internal IP address (192.X.X.X)
- Host A records for autodiscover.company.com pointed to exchange internal IP (192.X.X.X)
- MX records for exchange.company.com
In external DNS
- Host A records for autodiscover.company pointed to external IP of exchange server
- Host A records for exchange pointed to external IP of exchange server
Using public network i'm able to ping exchange.company.com and autodiscover.company.com that resolve to the external IP of my exchange server.
Any thing else i can check?
Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi all, firewall rules has allowed TCP 443 as i'm able to telnet the public ip with port 443, connection successful.
My network team told me that they have bypassed the load balancer, however when I tried to capture the network in my exchange server using wireshark and i can see the load balancer IP fowarding network with connection reset error?
My network team told me that they have bypassed the load balancer, however when I tried to capture the network in my exchange server using wireshark and i can see the load balancer IP fowarding network with connection reset error?
When you bypass the LB did you see OWA page?
ASKER
Hi MAS,
According to my network teams, they have configure to bypass LB, but i still couldnt see the owa pages.
I checked in my EMC > certificate, noticed my CA has revocation check failed. Does this relate to my error that i cant access externally via public IP?
According to my network teams, they have configure to bypass LB, but i still couldnt see the owa pages.
I checked in my EMC > certificate, noticed my CA has revocation check failed. Does this relate to my error that i cant access externally via public IP?
DO you have a 3rd party certificate installed?
Your server has access to the 3rd part CA server?
Please post the screenshots of what you see when you open OWA from outside and inside
Your server has access to the 3rd part CA server?
Please post the screenshots of what you see when you open OWA from outside and inside
ASKER
Hi MAS,
i resolved the SSL certificate error with netsh winhttp and force it to follow my Internet explorer settings, which use proxy server for internet connection.
Right now, the SSL cert in exchange is valid and active, and yes it is a 3rd party certificate installed from Digicert.
Here attached internal OWA screenshot, for external OWA it just display this page cant be display error message.
ExchangeInternalOWA.JPG
i resolved the SSL certificate error with netsh winhttp and force it to follow my Internet explorer settings, which use proxy server for internet connection.
Right now, the SSL cert in exchange is valid and active, and yes it is a 3rd party certificate installed from Digicert.
Here attached internal OWA screenshot, for external OWA it just display this page cant be display error message.
ExchangeInternalOWA.JPG
Yes I know it was an issue with internet access/CA server access.
Anyway glad to know you fixed it. :))
Anyway glad to know you fixed it. :))
ASKER
Hi everyone, after my network team allowed the 443 port and i'm able to land on OWA web pages externally, but no matter what credential i type in, it wont allow me to login into OWA, it state incorrect user account and password!
in my exchange server, i cant login ecp or owa as well..
Urgently need feedback on this.
Thanks!
in my exchange server, i cant login ecp or owa as well..
Urgently need feedback on this.
Thanks!
Appreciate if you close this question and ask a new question.
If it doesnt work you have to check your Virtual directories configured in OWA VDs.