Re: OWA works internally but not externally?

• Previous message: Sandra: "Deploying a new Exchange 2003 server"
• In reply to: Marty Leaf: "Re: OWA works internally but not externally?"
• Next in thread: Marty Leaf: "Re: OWA works internally but not externally?"
• Reply: Marty Leaf: "Re: OWA works internally but not externally?"
• Messages sorted by: [ date ] [ thread ]

Date: Thu, 25 Mar 2004 23:01:32 GMT

Hi Marty,

I also suggest you refer to this White Paper: 326303 XCCC: White Paper -
Troubleshooting Outlook Web Access in Microsoft --
http://support.microsoft.com/?id=326303

Enjoy your day!

Best regards,

Terry Liu
MCSE 2K MCSA MCDBA CCNA
Microsoft Online Support Engineer

Get Secure! - <www.microsoft.com/security>
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
60From: "Marty Leaf" <no@email.com>
60References: <uerW$UPDEHA.2920@TK2MSFTNGP09.phx.gbl>
<xRnxZYXDEHA.660@cpmsftngxa06.phx.gbl>
<ue2vSKdDEHA.3152@TK2MSFTNGP10.phx.gbl>
<e7GVOwOEEHA.2628@TK2MSFTNGP11.phx.gbl>
<j7EmiFTEEHA.564@cpmsftngxa06.phx.gbl>
<uj9YfCdEEHA.1544@TK2MSFTNGP09.phx.gbl>
<czb2YbeEEHA.3968@cpmsftngxa06.phx.gbl>
<#1rBojeEEHA.3064@tk2msftngp13.phx.gbl>
<x20Qv4eEEHA.660@cpmsftngxa06.phx.gbl>
60Subject: Re: OWA works internally but not externally?
60Date: Thu, 25 Mar 2004 16:43:26 -0500
60Lines: 724
60X-Priority: 3
60X-MSMail-Priority: Normal
60X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
60X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
60Message-ID: <OO4X1IrEEHA.2548@TK2MSFTNGP12.phx.gbl>
60Newsgroups: microsoft.public.exchange2000.general
60NNTP-Posting-Host:
66-208-231-43-ubr01b-malvrn01-pa.hfc.comcastbusiness.net 66.208.231.43
60Path:
cpmsftngxa06.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTFEED01.phx.gbl!TK2MSFTNGP08
phx.gbl!TK2MSFTNGP12.phx.gbl
60Xref: cpmsftngxa06.phx.gbl microsoft.public.exchange2000.general:53390
60X-Tomcat-NG: microsoft.public.exchange2000.general
60
60Still not there yet. I feel the problem is with SSL. I sent the following
60e-mail to InstantSSL, the company I bought the SSL cert from:
60--------------------------------------------------------------------------

--
60-------------------
60On Friday, March 19th, I received my SSL cert. I followed your directions
60listed on your web site for Installing a Certificate (Outlook Web Access &
60ISA 2000 Server). I have been racking my brain trying to figure out why 
from
60a remote computer outside our company I get the following error:
60
60**************************************************************************
**
60*****
60500 Internal Server Error - The network logon failed. (1790)
60Internet Security and Acceleration Server
60**************************************************************************
**
60*****
60
60I also noticed these errors in the event log of the server that host IIS &
60Exchange 2003:
60
60**************************************************************************
**
60*****
60Event Type: Error
60Event Source: Schannel
60Event Category: None
60Event ID: 36871
60Date:  3/25/2004
60Time:  9:31:42 AM
60User:  N/A
60Computer: EXCH
60Description:
60A fatal error occurred while creating an SSL server credential.
60**************************************************************************
**
60*****
60Event Type: Error
60Event Source: Schannel
60Event Category: None
60Event ID: 36869
60Date:  3/25/2004
60Time:  9:43:46 AM
60User:  N/A
60Computer: EXCH
60Description:
60The SSL server credential's certificate does not have a private key
60information property attached to it. This most often occurs when a
60certificate is backed up incorrectly and then later restored. This message
60can also indicate a certificate enrollment failure.
60**************************************************************************
**
60*****
60Knowing nothing about SSL, I was wondering if these errors are the reason 
I
60can't logon to the server.
60Any Ideas?
60
60"Terry Liu [MSFT]" <v-teliu@online.microsoft.com> wrote in message
60news:x20Qv4eEEHA.660@cpmsftngxa06.phx.gbl...
60> Hi Marty,
60>
60> You may refer to the steps below:
60>
60> 1. Obtain and install the latest service pack for ISA Server 2000.
60>
60> For additional information about how to do so, click the article number
60> below to view the article in the Microsoft Knowledge Base:
60>
60> KBLink:313139.KB.EN-US: How to Obtain the Latest Internet Security and
60> Acceleration Server 2000 Service Pack
60>
60> 2. Stop the Web Proxy service.
60> 3. Start Registry Editor.
60> 4. Locate and click the following registry key:
60>
60> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3Proxy\Parameters
60>
60> 5. Create a new DWORD value that is named AddFrontEndHttpsHeader, and 
then
60> give this new value a data value of 1.
60> 6. Start the Web Proxy service.
60>
60> In addition, you may refer to this link:
60>
60> 823074 "500 Internal Server Error - The Received Certificate Has
60Expired -- 
60> http://support.microsoft.com/?id=823074
60>
60> 328917 Error (target prinicipal name is incorrect) when accessing a Web 
-- 
60> http://support.microsoft.com/?id=328917
60>
60> Best regards,
60>
60> Terry Liu
60> MCSE 2K MCSA MCDBA CCNA
60> Microsoft Online Support Engineer
60>
60> Get Secure! - <www.microsoft.com/security>
60> =====================================================
60> When responding to posts, please "Reply to Group" via your newsreader so
60> that others may learn and benefit from your issue.
60> =====================================================
60> This posting is provided "AS IS" with no warranties, and confers no
60rights.
60>
60> --------------------
60> 60From: "Marty Leaf" <no@email.com>
60> 60References: <uerW$UPDEHA.2920@TK2MSFTNGP09.phx.gbl>
60> <xRnxZYXDEHA.660@cpmsftngxa06.phx.gbl>
60> <ue2vSKdDEHA.3152@TK2MSFTNGP10.phx.gbl>
60> <e7GVOwOEEHA.2628@TK2MSFTNGP11.phx.gbl>
60> <j7EmiFTEEHA.564@cpmsftngxa06.phx.gbl>
60> <uj9YfCdEEHA.1544@TK2MSFTNGP09.phx.gbl>
60> <czb2YbeEEHA.3968@cpmsftngxa06.phx.gbl>
60> 60Subject: Re: OWA works internally but not externally?
60> 60Date: Wed, 24 Mar 2004 16:42:27 -0500
60> 60Lines: 509
60> 60X-Priority: 3
60> 60X-MSMail-Priority: Normal
60> 60X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
60> 60X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
60> 60Message-ID: <#1rBojeEEHA.3064@tk2msftngp13.phx.gbl>
60> 60Newsgroups: microsoft.public.exchange2000.general
60> 60NNTP-Posting-Host:
60> 66-208-231-43-ubr01b-malvrn01-pa.hfc.comcastbusiness.net 66.208.231.43
60> 60Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
60> 60Xref: cpmsftngxa06.phx.gbl microsoft.public.exchange2000.general:53303
60> 60X-Tomcat-NG: microsoft.public.exchange2000.general
60> 60
60> 60Terry,
60> 60
60> 60I got it working with Basic authentication (without SSL). I purchased 
an
60> SSL
60> 60cert and installed it.I ran through three different tutorials but I 
now
60> get
60> 60a "500 Internal Server Error - The network logon failed. (1790) 
Internet
60> 60Security and Acceleration Server" I feel that I am so close. 
Tomorrow, I
60> am
60> 60going to go through the tutorials & white paper one more time. Do you
60have
60> 60any quick ideas about the 500 error & SSL?
60> 60
60> 60Thanks,
60> 60Marty
60> 60
60> 60
60> 60
60> 60"Terry Liu [MSFT]" <v-teliu@online.microsoft.com> wrote in message
60> 60news:czb2YbeEEHA.3968@cpmsftngxa06.phx.gbl...
60> 60> Hi Marty,
60> 60>
60> 60> Thank you for your update and I am glad to hear that we have make 
some
60> 60> progresses.
60> 60>
60> 60> Please take your time to follow the steps in the White Paper. If you
60> have
60> 60> any questions, please feel free to post back!
60> 60>
60> 60> Have a nice day!
60> 60>
60> 60> Best regards,
60> 60>
60> 60> Terry Liu
60> 60> MCSE 2K MCSA MCDBA CCNA
60> 60> Microsoft Online Support Engineer
60> 60>
60> 60> Get Secure! - <www.microsoft.com/security>
60> 60> =====================================================
60> 60> When responding to posts, please "Reply to Group" via your 
newsreader
60so
60> 60> that others may learn and benefit from your issue.
60> 60> =====================================================
60> 60> This posting is provided "AS IS" with no warranties, and confers no
60> 60rights.
60> 60>
60> 60> --------------------
60> 60> 60From: "Marty Leaf" <no@email.com>
60> 60> 60References: <uerW$UPDEHA.2920@TK2MSFTNGP09.phx.gbl>
60> 60> <xRnxZYXDEHA.660@cpmsftngxa06.phx.gbl>
60> 60> <ue2vSKdDEHA.3152@TK2MSFTNGP10.phx.gbl>
60> 60> <e7GVOwOEEHA.2628@TK2MSFTNGP11.phx.gbl>
60> 60> <j7EmiFTEEHA.564@cpmsftngxa06.phx.gbl>
60> 60> 60Subject: Re: OWA works internally but not externally?
60> 60> 60Date: Wed, 24 Mar 2004 13:48:37 -0500
60> 60> 60Lines: 367
60> 60> 60X-Priority: 3
60> 60> 60X-MSMail-Priority: Normal
60> 60> 60X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
60> 60> 60X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
60> 60> 60Message-ID: <uj9YfCdEEHA.1544@TK2MSFTNGP09.phx.gbl>
60> 60> 60Newsgroups: microsoft.public.exchange2000.general
60> 60> 60NNTP-Posting-Host:
60> 60> 66-208-231-43-ubr01b-malvrn01-pa.hfc.comcastbusiness.net 
66.208.231.43
60> 60> 60Path: 
cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl
60> 60> 60Xref: cpmsftngxa06.phx.gbl
60microsoft.public.exchange2000.general:53289
60> 60> 60X-Tomcat-NG: microsoft.public.exchange2000.general
60> 60> 60
60> 60> 60Terry,
60> 60> 60
60> 60> 60I am one step closer. I went to the IIS manager on the Exchange
60server
60> 60and
60> 60> 60found out where the 404 error page is kept on the server. I edited
60the
60> 60404
60> 60> 60error page by putting our company name on the page. That way I 
would
60> 60know
60> 60> if
60> 60> 60the IIS error page I was receiving was actually coming form that
60> server.
60> 60> To
60> 60> 60may dismay, it was not. I then went to the ISA server and realized
60> that
60> 60> IIS
60> 60> 60was load on that server. I edited the ISA server's 404 error page
60with
60> 60the
60> 60> 60name of the ISA server. I then found that it was the ISA server's
60IIS
60> 60that
60> 60> 60was giving me the error. I uninstalled IIS from the ISA server.
60Yeah!
60> 60One
60> 60> 60step closer. Now I get a HTTP 403.4 - Forbidden: SSL required 
error
60> that
60> 60> is
60> 60> 60coming from the Exchange server's IIS. I am going to go through 
the
60> 60White
60> 60> 60Paper you linked me this afternoon. I will let you know how it 
turns
60> 60out.
60> 60> 60
60> 60> 60Thank you very much,
60> 60> 60Marty
60> 60> 60
60> 60> 60
60> 60> 60"Terry Liu [MSFT]" <v-teliu@online.microsoft.com> wrote in message
60> 60> 60news:j7EmiFTEEHA.564@cpmsftngxa06.phx.gbl...
60> 60> 60> Hi Marty,
60> 60> 60>
60> 60> 60> It is nice to hear from you again. I would like offer you
60following
60> 60> 60> suggestions:
60> 60> 60>
60> 60> 60> Remove exchfilt:
60> 60> 60> ===============
60> 60> 60> 1. Click Start, point to Programs, click Administrative Tools, 
and
60> 60then
60> 60> 60> click Internet Services Manager.
60> 60> 60> 2. Right-click Default Web Site, and then click Properties.
60> 60> 60> 3. Click the ISAPI Filters tab.
60> 60> 60> 4. Click exchfilt, and then click Remove.
60> 60> 60> 5. Click Apply, and then click OK.
60> 60> 60>
60> 60> 60> NOTE:   Do not delete the Microsoft Exchange Web Component entry
60on
60> 60the
60> 60> 60> ISAPI filters tab.  This filter is the Exchange 2000 OWA ISAPI
60> filter
60> 60> 60> component and must be present for OWA to work properly.
60> 60> 60>
60> 60> 60> For your reference:
60> 60> 60> 288123 HTTP Error 404 "Page Cannot Be Displayed" When You 
Attempt
60to
60> 60> 60> Connect to -- http://support.microsoft.com/?id=288123
60> 60> 60>
60> 60> 60>
60> 60> 60> Try this link to log on again.
60> 60> 60> ===========================
60> 60> 60> http://mail.companyname.com/exchange
60> 60> 60>
60> 60> 60>
60> 60> 60> In addition, please refer to this famous White Paper to perform
60> 60> 60> troubleshoot on this issue:
60> 60> 60>
60> 60> 60> 326303 XCCC: White Paper - Troubleshooting Outlook Web Access in
60> 60> Microsoft
60> 60> 60> -- http://support.microsoft.com/?id=326303
60> 60> 60>
60> 60> 60> " Symptom
60> 60> 60> " 404 Not Found
60> 60> 60> " Possible Causes and Resolutions
60> 60> 60> " The item requested does not exist in the specified location.
60This
60> 60> error
60> 60> 60> can happen if an item displayed by Outlook Web Access is later
60> deleted
60> 60> in
60> 60> 60> Outlook. The view in Outlook Web Access does not refresh
60> 60automatically;
60> 60> if
60> 60> 60> you delete an item in Outlook, and later try to open the item in
60> 60Outlook
60> 60> 60> Web Access, you receive this error because the item no longer
60exists
60> 60in
60> 60> 60> that location on the server.
60> 60> 60> " If you receive a 401 Access Denied error when you go to
60> 60> 60> http://>/exchange or a 404 Not Found error when you go to
60> 60> 60> http://>/exchange/<user name>, the user you are 
attempting
60to
60> 60> 60> authenticate as does not have an SMTP address that matches the
60SMTP
60> 60> domain
60> 60> 60> set on the corresponding SMTP virtual directory in Exchange 
System
60> 60> 60Manager.
60> 60> 60> For more information, see the following Microsoft Knowledge Base
60> 60> articles:
60> 60> 60> " Q293386, "XWEB: Error Message: HTTP/1.0 401 or 404," at
60> 60> 60> http://go.microsoft.com/fwlink/?LinkId=3052&ID=293386.
60> 60> 60> " Q257891, "XWEB: 'The Page Could Not be Found' Error Message 
When
60> You
60> 60> Use
60> 60> 60> OWA," at http://go.microsoft.com/fwlink/?LinkId=3052&ID=257891.
60> 60> 60> " You have URLscan configured in IIS, and it is blocking 
requests.
60> For
60> 60> 60more
60> 60> 60> information, see Microsoft Knowledge Base article Q309508, 
"XCCC:
60> IIS
60> 60> 60> Lockdown and URLscan Configurations in an Exchange Environment,"
60at
60> 60> 60> http://go.microsoft.com/fwlink/?LinkId=3052&ID=309508.
60> 60> 60> " If you upgraded this server from Outlook Web Access in 
Microsoft
60> 60> 60Exchange
60> 60> 60> Server version 5.5, you may still have Exchfilt.dll configured 
to
60> 60handle
60> 60> 60> localization for Outlook Web Access. For more information, see
60> 60Microsoft
60> 60> 60> Knowledge Base article Q288123, "HTTP Error 404 'Page Cannot Be
60> 60> Displayed'
60> 60> 60> When You Attempt to Connect to the OWA Server," at
60> 60> 60> http://go.microsoft.com/fwlink/?LinkId=3052&ID=288123.
60> 60> 60> " If this error occurs only when you use a front-end server to
60> access
60> 60> 60> Outlook Web Access, the front-end server or back-end server may
60not
60> be
60> 60> 60> configured properly. In particular, check for the following
60issues:
60> 60> 60> " If the back-end server is a member of a cluster, you must
60perform
60> 60> 60special
60> 60> 60> configuration steps. For more information, see Microsoft 
Knowledge
60> 60Base
60> 60> 60> article Q312422, "XCCC: 'HTTP 404' Error Appears When You Try to
60Log
60> 60On
60> 60> to
60> 60> 60> OWA Through a Front-End Server in a Cluster," at
60> 60> 60> http://go.microsoft.com/fwlink/?LinkId=3052&ID=312422.
60> 60> 60> " Ensure that the HTTP virtual server and directory 
configurations
60> on
60> 60> the
60> 60> 60> front end servers match those of the back-end servers. In
60> particular,
60> 60> 60> ensure that front-end virtual servers or directories that point 
to
60> 60> mailbox
60> 60> 60> stores use the same domains as the corresponding back-end 
virtual
60> 60> servers
60> 60> 60> or directories (incorrectly configured domains are a common
60> problem).
60> 60> 60> For more troubleshooting recommendations that are specific to
60> 60front-end
60> 60> 60and
60> 60> 60> back end configurations, see the technical paper Exchange 2000
60> 60Front-End
60> 60> 60> and Back-End Topology at
60> http://go.microsoft.com/fwlink/?linkid=4721.
60> 60> 60> " The virtual directory under which Outlook Web Access runs may
60have
60> 60> 60> bindings (IP address, host header, or TCP port) that are 
different
60> 60from
60> 60> 60> what users type in their Web browsers. For example, if you set a
60> host
60> 60> 60> header of myserver.fabrikam.com on the Exchange virtual 
directory
60in
60> 60> IIS,
60> 60> 60> and users type http://myserver/exchange to access their 
mailboxes,
60> 60they
60> 60> 60may
60> 60> 60> get a 404 Not Found error because the URLs are not an exact 
match.
60> To
60> 60> 60> remedy the inconsistency, add another host header, called
60myserver,
60> to
60> 60> the
60> 60> 60> virtual directory. Similarly, the TCP port or IP address may be
60> 60> different
60> 60> 60> from those that users are using to access Outlook Web Access,
60which
60> 60> could
60> 60> 60> also result in a 404 Not Found error.
60> 60> 60> Note   Host Header in Internet Services Manager is the same as
60Host
60> 60Name
60> 60> 60in
60> 60> 60> System Manager.
60> 60> 60>
60> 60> 60> Hope the information helps.
60> 60> 60>
60> 60> 60> Have a nice day!
60> 60> 60>
60> 60> 60> Best regards,
60> 60> 60>
60> 60> 60> Terry Liu
60> 60> 60> MCSE 2K MCSA MCDBA CCNA
60> 60> 60> Microsoft Online Support Engineer
60> 60> 60>
60> 60> 60> Get Secure! - <www.microsoft.com/security>
60> 60> 60> =====================================================
60> 60> 60> When responding to posts, please "Reply to Group" via your
60> newsreader
60> 60so
60> 60> 60> that others may learn and benefit from your issue.
60> 60> 60> =====================================================
60> 60> 60> This posting is provided "AS IS" with no warranties, and confers
60no
60> 60> 60rights.
60> 60> 60>
60> 60> 60> --------------------
60> 60> 60> 60From: "Marty Leaf" <no@email.com>
60> 60> 60> 60References: <uerW$UPDEHA.2920@TK2MSFTNGP09.phx.gbl>
60> 60> 60> <xRnxZYXDEHA.660@cpmsftngxa06.phx.gbl>
60> 60> 60> <ue2vSKdDEHA.3152@TK2MSFTNGP10.phx.gbl>
60> 60> 60> 60Subject: Re: OWA works internally but not externally?
60> 60> 60> 60Date: Tue, 23 Mar 2004 10:32:29 -0500
60> 60> 60> 60Lines: 165
60> 60> 60> 60X-Priority: 3
60> 60> 60> 60X-MSMail-Priority: Normal
60> 60> 60> 60X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
60> 60> 60> 60X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
60> 60> 60> 60Message-ID: <e7GVOwOEEHA.2628@TK2MSFTNGP11.phx.gbl>
60> 60> 60> 60Newsgroups: microsoft.public.exchange2000.general
60> 60> 60> 60NNTP-Posting-Host:
60> 60> 60> 66-208-231-43-ubr01b-malvrn01-pa.hfc.comcastbusiness.net
60> 66.208.231.43
60> 60> 60> 60Path:
60> 60> 60>
60> 60>
60>
606060cpmsftngxa06.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTFEED01.phx.gbl!TK2MSF
TN
60> GP
60> 60> 08
60> 60> 60> phx.gbl!TK2MSFTNGP11.phx.gbl
60> 60> 60> 60Xref: cpmsftngxa06.phx.gbl
60> 60microsoft.public.exchange2000.general:53212
60> 60> 60> 60X-Tomcat-NG: microsoft.public.exchange2000.general
60> 60> 60> 60
60> 60> 60> 60Does it matter that I am currently running in ISA server in
60> 60Integrated
60> 60> 60> mode?
60> 60> 60> 60I have compression turned off in the HTTP Exchange Virtual
60Server
60> 60> 60> 60Properties.
60> 60> 60> 60
60> 60> 60> 60
60> 60> 60> 60"Marty Leaf" <no@email.com> wrote in message
60> 60> 60> 60news:ue2vSKdDEHA.3152@TK2MSFTNGP10.phx.gbl...
60> 60> 60> 60> I configured my ISA server as you detailed & read the
60Microsoft
60> 60> 60articles
60> 60> 60> 60you
60> 60> 60> 60> link too. I am still having the same problems.
60> 60> 60> 60> ***********************
60> 60> 60> 60> When I go to the following addresses for outside my company
60the
60> 60get
60> 60> 60> these
60> 60> 60> 60> two errors.
60> 60> 60> 60>
60> 60> 60> 60> http://mail.companyname.com/exchange/mleaf
60> 60> 60> 60>
60> 60> 60> 60> HTTP 404 - File not found
60> 60> 60> 60> Internet Information Services
60> 60> 60> 60>
60> 60> 60> 60> *****************
60> 60> 60> 60>
60> 60> 60> 60> http://mail.companyname.com/
60> 60> 60> 60>
60> 60> 60> 60> Under Construction
60> 60> 60> 60> The site you were trying to reach does not currently have a
60> 60> 60> 60> default page. It may be in the process of being upgraded.
60> 60> 60> 60>
60> 60> 60> 60> *****************
60> 60> 60> 60> It seems to me that I am getting to the IIS server. The two
60> errors
60> 60> 60seem
60> 60> 60> to
60> 60> 60> 60> be coming from our IIS server correct? Is there a way to 
test
60my
60> 60> 60> 60connection
60> 60> 60> 60> through my Cisco Router/Firewall & ISA server to make sure
60that
60> I
60> 60am
60> 60> 60> 60> reaching the IIS server? I am so confused because if it 
works
60> fine
60> 60> 60> 60> internally but get errors from IIS externally you would 
think
60it
60> 60is
60> 60> 60the
60> 60> 60> 60ISA
60> 60> 60> 60> server of Cisco Router/Firewall. But if that is the case why
60is
60> 60the
60> 60> 60IIS
60> 60> 60> 60> server serving me these errors. I need a way to test my
60> connection
60> 60> 60> through
60> 60> 60> 60> the Router & ISA server to the IIS server.
60> 60> 60> 60>
60> 60> 60>
60> 60> 6060>
60>
6060> 
------------------------------------------------------------------------
60> 60> 60> 60>
60> 60> 60> 60> "Terry Liu [MSFT]" <v-teliu@online.microsoft.com> wrote in
60> message
60> 60> 60> 60> news:xRnxZYXDEHA.660@cpmsftngxa06.phx.gbl...
60> 60> 60> 60> > Hi Marty,
60> 60> 60> 60> >
60> 60> 60> 60> > I suggest you configure Internet Security and Acceleration
60> (ISA)
60> 60> 60> Server
60> 60> 60> 60to
60> 60> 60> 60> > publish an internal Microsoft Exchange Server that is
60running
60> 60> 60Internet
60> 60> 60> 60> > Information Server (IIS) and Outlook Web Access (OWA) by
60> 60following
60> 60> 60the
60> 60> 60> 60> > steps below:
60> 60> 60> 60> >
60> 60> 60> 60> > To configure ISA Server to allow external clients to 
access
60> the
60> 60> 60> internal
60> 60> 60> 60> > OWA server, perform the following four steps:
60> 60> 60> 60> >
60> 60> 60> 60> > 1. Enable an HTTP listener on ISA Server:
60> 60> 60> 60> >
60> 60> 60> 60> > a. In the ISA Management console, expand "Servers and
60Arrays",
60> 60> 60> 60right-click
60> 60> 60> 60> > the ISA Server, and then click Properties.
60> 60> 60> 60> >
60> 60> 60> 60> > b. Click the Incoming Web Requests tab, and then click
60> 60"Configure
60> 60> 60> 60> > listeners individually per IP address".
60> 60> 60> 60> >
60> 60> 60> 60> > c. Click Add, and click the ISA Server name in the list 
box
60in
60> 60the
60> 60> 60> 60> > Add/Edit Listeners dialog box. Enter the IP address that 
is
60> 60> assigned
60> 60> 60> to
60> 60> 60> 60> one
60> 60> 60> 60> > of the external network interface cards (NICs).
60> 60> 60> 60> >
60> 60> 60> 60> > d. Click OK to close the dialog box, and then click OK 
again
60> to
60> 60> save
60> 60> 60> 60> > changes.
60> 60> 60> 60> >
60> 60> 60> 60> > 2. Create a destination set that can point the Web clients
60to
60> 60the
60> 60> 60> 60> > appropriate folders that are used by the OWA Web site:
60> 60> 60> 60> >
60> 60> 60> 60> > a. Open the ISA Management console, expand the ISA
60> Server-based
60> 60> 60> server,
60> 60> 60> 60> > and then click the Policy Elements section.
60> 60> 60> 60> >
60> 60> 60> 60> > b. Expand the Policy Elements section, right-click the
60> 60Destination
60> 60> 60Set
60> 60> 60> 60> > folder, click New, and then click Set. You are prompted to
60> name
60> 60> the
60> 60> 60> new
60> 60> 60> 60> > destination set; name the new destination set "OWA".
60> 60> 60> 60> >
60> 60> 60> 60> > c. In the Destination box, enter the Uniform Resource
60Locator
60> 60> (URL)
60> 60> 60> that
60> 60> 60> 60> > the external Web clients use to access OWA. This URL
60resolves
60> 60the
60> 60> 60> 60Internet
60> 60> 60> 60> > Domain Name System (DNS) name to the external IP address 
on
60> the
60> 60> ISA
60> 60> 60> 60> > Server-based server.
60> 60> 60> 60> >
60> 60> 60> 60> > NOTE: Do not include the "http://" or the "https://" 
portion
60> of
60> 60> the
60> 60> 60> URL
60> 60> 60> 60> > in the Destination box.
60> 60> 60> 60> >
60> 60> 60> 60> > d. In the Path box, type:  "/exchange*" (without the
60quotation
60> 60> 60marks),
60> 60> 60> 60and
60> 60> 60> 60> > then click OK.
60> 60> 60> 60> >
60> 60> 60> 60> > e. Repeat step d for the Exchweb and Public folders, 
adding
60> the
60> 60> path
60> 60> 60> for
60> 60> 60> 60> > each as  "/exchweb*" (without the quotation marks) and
60> 60"/public*"
60> 60> 60> 60> (without
60> 60> 60> 60> > the quotation marks) respectively.
60> 60> 60> 60> >
60> 60> 60> 60> > 3. Create a Web Publishing Rule:
60> 60> 60> 60> >
60> 60> 60> 60> > a. Expand the ISA Server to the Publishing heading.
60> 60> 60> 60> >
60> 60> 60> 60> > b. Under Publishing, right-click Web Publishing Rules, 
click
60> 60New,
60> 60> 60and
60> 60> 60> 60then
60> 60> 60> 60> > click Rule.
60> 60> 60> 60> >
60> 60> 60> 60> > c. Give a descriptive name to this rule, and then click
60Next.
60> 60> 60> 60> >
60> 60> 60> 60> > d. Apply the rule to the specified destination set that 
you
60> 60> created
60> 60> 60in
60> 60> 60> 60> > step 2, and then click Next.
60> 60> 60> 60> >
60> 60> 60> 60> > e. Click Next to accept Any Request.
60> 60> 60> 60> >
60> 60> 60> 60> > f. Click "Redirect the request to this Internal Web 
Server",
60> and
60> 60> 60then
60> 60> 60> 60> > enter the IP address of the internal server.
60> 60> 60> 60> >
60> 60> 60> 60> > g. Click to select the "Send the original host header" 
check
60> 60box,
60> 60> 60> click
60> 60> 60> 60> > Next, and then click Finish.
60> 60> 60> 60> >
60> 60> 60> 60> > h. Open the Services Microsoft Management Console, and 
then
60> 60> 60> right-click
60> 60> 60> 60> > the ISA Server Control. Click Restart, and then click Yes 
to
60> 60> restart
60> 60> 60> all
60> 60> 60> 60> > dependent services.
60> 60> 60> 60> >
60> 60> 60> 60> > 4. Repeat Steps 1 to 3 for any additional hosted domains.
60Each
60> 60> 60> 60additional
60> 60> 60> 60> > hosted domain that corresponds to a different internal
60> Exchange
60> 60> 60Server
60> 60> 60> 60> > should be registered on a different IP address on the
60external
60> 60NIC
60> 60> 60of
60> 60> 60> 60the
60> 60> 60> 60> > ISA Server.NOTE: If the "backend" Exchange server does not
60> hold
60> 60> the
60> 60> 60> Web
60> 60> 60> 60> > client's mailbox, the redirection does not work. If you 
have
60a
60> 60> farm
60> 60> 60of
60> 60> 60> 60> > Exchange 2000 servers that share the same e-mail domain
60> 60namespace,
60> 60> 60it
60> 60> 60> is
60> 60> 60> 60> > not recommended that you use ISA as a "front-end" server.
60> 60> 60> 60> >
60> 60> 60> 60> > For your reference:
60> 60> 60> 60> >
60> 60> 60> 60> > 308599 XCCC: How to Configure Internet Security and
60> Acceleration
60> 60> 60> Server
60> 60> 60> 60to
60> 60> 60> 60> > -- http://support.microsoft.com/?id=308599
60> 60> 60> 60> >
60> 60> 60> 60> > 290113 How to Publish Outlook Web Access Behind Internet
60> 60Security
60> 60> 60and
60> 60> 60> -- 
60> 60> 60> 60> > http://support.microsoft.com/?id=290113
60> 60> 60> 60> >
60> 60> 60> 60> > Hope this information helps.
60> 60> 60> 60> >
60> 60> 60> 60> > Have a nice day!
60> 60> 60> 60> >
60> 60> 60> 60> > Best regards,
60> 60> 60> 60> >
60> 60> 60> 60> > Terry Liu
60> 60> 60> 60> > MCSE 2K MCSA MCDBA CCNA
60> 60> 60> 60> > Microsoft Online Support Engineer
60> 60> 60> 60> >
60> 60> 60> 60> > Get Secure! - <www.microsoft.com/security>
60> 60> 60> 60> > =====================================================
60> 60> 60> 60> > When responding to posts, please "Reply to Group" via your
60> 60> 60newsreader
60> 60> 60> so
60> 60> 60> 60> > that others may learn and benefit from your issue.
60> 60> 60> 60> > =====================================================
60> 60> 60> 60> > This posting is provided "AS IS" with no warranties, and
60> confers
60> 60> no
60> 60> 60> 60> rights.
60> 60> 60> 60> >
60> 60> 60> 60>
60> 60> 60> 60>
60> 60> 60> 60
60> 60> 60> 60
60> 60> 60> 60
60> 60> 60>
60> 60> 60
60> 60> 60
60> 60> 60
60> 60>
60> 60
60> 60
60> 60
60>
60
60
60

• Previous message: Sandra: "Deploying a new Exchange 2003 server"
• In reply to: Marty Leaf: "Re: OWA works internally but not externally?"
• Next in thread: Marty Leaf: "Re: OWA works internally but not externally?"
• Reply: Marty Leaf: "Re: OWA works internally but not externally?"
• Messages sorted by: [ date ] [ thread ]