Re: Exchange 2003, OWA, ISA 2004 and Windows 2003. Does not work via SSL from the outside

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: JanG (jang_at_plusdata.no)
Date: 09/15/04 

Date: Wed, 15 Sep 2004 21:27:08 +0200

Thanks Alan

Problem solved after creating new server Certificate with correct
web-server-name!!!

Thx

JanG

"Alan Sun [MSFT]" <v-asun@online.microsoft.com> skrev i melding
news:5x17zVKlEHA.2516@cpmsftngxa10.phx.gbl...
> Hi JanG,
>
> Thanks for your posting here.
>
> According to the information in the post, OWA doesn't work after
publishing
> trough ISA. This issue is related to ISA. I suggest you re-submit it in
ISA
> newsgroup to resolve it quickly. The reason why we recommend posting
> appropriately is you will get the most qualified pool of respondents, and
> other partners who the newsgroups regularly can either share their
> knowledge or learn from your interaction with us. Thank you for your
> understanding.
>
> In addition, I have provided some research and provided you some
> information about this issue.
>
> This issue can occur if the URL you use to access OWA is different from
the
> certificate name you specified on the CEICW wizard. At this time, please
> open SBS 2003 Server Management, go to Standard Management->To Do List,
> click "Connect to the Internet" to bring up CEICW, click Next, select
> "Create a new web server certificate" when on the "Web Server Certiciate"
> page, type the public FQDN you use to access OWA in the "Web server name"
> text box (for example, if you access OWA using
> https://mail.company.com/exchange, you should type in mail.company.com),
go
> through the wizard, and then check if you can access OWA.
>
> The following articles may be helpful, you may take a look:
>
> 290113 How to Publish Outlook Web Access Behind Internet Security and
> http://support.microsoft.com/?id=290113
>
> 307347 Secure OWA Publishing Behind ISA Server May Require Custom HTTP
> Header
> http://support.microsoft.com/?id=307347
>
> 327990 Enable SSL Listeners Option Is Turned On After You Run the Internet
> http://support.microsoft.com/?id=327990
>
> Have a nice day!
>
> Thanks & Regards
> Alan Sun
> Microsoft Online Partner Support
>
> Get Secure! - www.microsoft.com/security
> =====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> =====================================================
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
>
>
> --------------------
> |Reply-To: "JanG" <jang@nospam.plusdata.no>
> |From: "JanG" <jang@plusdata.no>
> |Subject: Exchange 2003, OWA, ISA 2004 and Windows 2003. Does not
work
> via SSL from the outside
> |Date: Mon, 6 Sep 2004 11:26:02 +0200
> |Lines: 50
> |X-Priority: 3
> |X-MSMail-Priority: Normal
> |X-Newsreader: Microsoft Outlook Express 6.00.2800.1437
> |X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
> |Message-ID: <#CcQfN$kEHA.3608@TK2MSFTNGP09.phx.gbl>
> |Newsgroups: microsoft.public.exchange.setup
> |NNTP-Posting-Host: vpn.plusdata.no 213.145.180.114
> |Path:
>
cpmsftngxa10.phx.gbl!TK2MSFTFEED01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09
> phx.gbl
> |Xref: cpmsftngxa10.phx.gbl microsoft.public.exchange.setup:115757
> |X-Tomcat-NG: microsoft.public.exchange.setup
> |
> |Hello folks
> |
> |My scenario:
> |
> |Two servers
> |Server1:
> |Windows 2003 SBS with Exchange and OWA
> |Private IP: 192.168.10.12
> |
> |Server 2:
> |Windows 2003 with ISA 2004
> |One NIC on the private net, IP192.168.10.12
> |One NIC on the public side (Internet) i.e. 70.80.90.123
> |DNS configured to point to the public NIC: mail.company.com
> |
> |I have followed the Microsoft Document on how to set up OWA on ISA
> 2004,
> |including transferring the certificate, establishing av https
> |tunnelling/bridge between then Exchange server and the ISA server
> |
> |My problem:
> |OWA inside the private Net works OK when they access
> |https://companyweb.domain.local/exchange
> |Login in and using the web-access is OK. I do get a warning
regarding
> the
> |certificate authority, but when accepted, thing works. It also works
> from
> |the console of the ISA server when I use
> https://mail.company.com/exchange
> |(the mail.company.com is added to the local HOSTS file pointing to
> |192.168.10.12 as described in the MS document mentioned above)
> |
> |OWA does NOT work from the outside
> |When pointing my browser to https://mail.company.com/exchange, I get
> the
> |certificate warning stating error on 1. and 3. line, the first a
> warning
> |about the Certificate authoruty, the third about the name. The
second
> about
> |the certificates date is OK.
> |
> |If I accept the message I get a error message in IE telling:
> |The page cannot be displayed:
> |Technical Information (for support personnel)
> |Error Code: 500 Internal Server Error. The target principal name is
> |incorrect. (-2146893022)
> |
> |I guess this is an issue with certificates between the ISA bridge
and
> the
> |Exchange OWA, but I cant find the "right spot" where to put the
> needle :-)
> |
> |Anyone to point me in the right direction here?
> |
> |Thx in advance
> |
> |JanG
> |
> |
> |
>

Relevant Pages

  • Re: SharePoint 3.0: problems with external access
    ... Here are the steps to publish a WSS 3.0 application behind ISA Server. ... Let's assume that you created a new WSS 3.0 application, that listens to port 80, and the host header is 'Intranet'. ... Go to IIS Manager and make sure that the IP address of the site is set to the IP address of the server. ... Run the wizard to create a new SSL certificate for the site. ...
    (microsoft.public.windows.server.sbs)
  • Re: Adding EXCH2007 SP1 box to existing EXCH2003 SP2 Org
    ... Certificates - going to be using a SAN Certificate like I have many times before. ... We are making this a virtual server (someone is going on-site on Thursday to install VMWare (which will kill everything on this box) and WIN2008 Server SP1 x64 and then I will install EXCH2007 SP1. ... as mentioned - ISA was not involved in any of those eight environments.... ...
    (microsoft.public.exchange.admin)
  • Re: Adding EXCH2007 SP1 box to existing EXCH2003 SP2 Org
    ... Certificates - going to be using a SAN Certificate like I have many times before. ... If the Exchange 2007 box is hosting mailboxes, it won't work as a front-end equivalent. ... We are making this a virtual server and WIN2008 Server SP1 x64 and then I will install EXCH2007 SP1. ... as mentioned - ISA was not involved in any of those eight environments.... ...
    (microsoft.public.exchange.admin)
  • Re: Configuring SBS2003 for OWA and RWW
    ... And make sure certificate will not be ... On the Connection Type page, click Broadband, and then click Next. ... next to Preferred DNS server and next to ... If you are using ISA, please go to ISA management console, and navigate ...
    (microsoft.public.windows.server.sbs)
  • Exchange 2003, OWA, ISA 2004 and Windows 2003. Does not work via SSL from the outside
    ... Windows 2003 SBS with Exchange and OWA ... I have followed the Microsoft Document on how to set up OWA on ISA 2004, ... tunnelling/bridge between then Exchange server and the ISA server ... certificate authority, but when accepted, thing works. ...
    (microsoft.public.exchange.setup)