Re: RPC over HTTP - Have you gotten it to work II
From: neo [mvp outlook] (neoheart_at_remove-heart.mvps.org)
Date: 04/08/04
- Next message: Milly Staples [MVP - Outlook]: "Re: Configuring Outlook 2000 to send email only not to recieve"
- Previous message: Milly Staples [MVP - Outlook]: "Re: Maximum size for distribution lists"
- In reply to: Zeus: "Re: RPC over HTTP - Have you gotten it to work II"
- Next in thread: Zeus: "Re: RPC over HTTP - Have you gotten it to work II"
- Reply: Zeus: "Re: RPC over HTTP - Have you gotten it to work II"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 7 Apr 2004 18:18:40 -0700
Assuming the following configuration with use of a broadband<?> router...
1) Server(s) are behind a router that lets you share an IP address
2) Client (laptop) is on public internet side of router
3) Configure router to route port 443 (HTTPS) to Exchange server. (For sake
of clarity of this example, I'm pretending that I have a single exchange
server that is doing it all.) No other ports need to be opened to the
servers.
4) Review http://support.microsoft.com/default.aspx?scid=kb;en-us;833401
Step #1 is done to Exchange server
Step #2 is done to Global Catalog server(s) that Exchange uses
5) Assuming that you are using a private (self-issued) certificate, make
sure that the laptop has a copy of the approving root CA installed. (Outlook
will throw no errors if it can't trace the certificate back up the chain and
just fail the connection over to a standard TCP/IP connection [which is port
135 by the way].)
Step #5 should be thought of this way, if you attach the certificate to a
website, type https://fqdn.myserver.ext in your browser, and get any type of
dialog about the certificate not being trusted, doesn't match what was typed
in for an address, .etc, the RPC/HTTPs connection will fail everytime.
(Took me a while to figure this one out because no dialogs are ever
displayed that something is wrong.)
"Zeus" <anonymous@discussions.microsoft.com> wrote in message
news:18f5a01c41b9e$70455070$a101280a@phx.gbl...
> Thanks for the help Neo, RPCDIAG shows the server name
> and type directory and referal and under the Conn heading
> for both "---" with status "connecting". A netstat shows
> me trying to connect to the server's IP on port 135 with
> SYN_SENT. The firewall is just a D-Link router for the
> time being to simplify things. I have ports 6001 and 6004
> open to the server. The only way I can connect to it via
> outlook is if I open port 135 to the server. I've
> configured the server to issue a certificate to both the
> FQDN and the public DNS name of the server with the same
> results.
>
> using RPCPING (rpcping.exe -t ncacn_http -s
> ExchangeServerName -o RpcProxy=ProxyServerName -
> P "user,domain,*" -H 1 -u 10 -a connect -F 3 -E -R none)
> simply produces "ping failed" with no other information.
>
> >-----Original Message-----
> >Start Outlook with the /rpcdiag command line switch.
> Does it look like
> >Outlook is hanging on connecting to the Global Catalog
> server or Exchange
> >before jumping back to a standard TCP/IP connection?
> >
> >Also, can you tell us a little about the setup? For
> example, is exchange
> >and the global catalog server NAT'd behind the
> firewall? Are both
> >resolvable from the internet? You mentioned firewall,
> what kind of firewall
> >are the boxes behind (PIX, Checkpoint)? Have you
> successfully establish a
> >RPC/HTTPs connection on the corporate network w/out
> jumping through the
> >firewall?
> >
> >"Zeus" <anonymous@discussions.microsoft.com> wrote in
> message
> >news:90CA1DB3-4AAC-4935-81BD-
> 1649319C864C@microsoft.com...
> >> I've been down the road Bill has (see post RPC over
> HTTP - Have you gotten
> >it to work) including the information provided by
> neo...but still no joy!
> >The only way I can get a connection using this technique
> is to open port 135
> >on the server firewall(not a long term solution,
> obviously). I've gone over
> >every scrap of crap Microsoft has to say and I'm out of
> ideas. Can anyone
> >offer any suggestions?
> >>
> >> Thanks in advance
> >
> >
> >.
> >
- Next message: Milly Staples [MVP - Outlook]: "Re: Configuring Outlook 2000 to send email only not to recieve"
- Previous message: Milly Staples [MVP - Outlook]: "Re: Maximum size for distribution lists"
- In reply to: Zeus: "Re: RPC over HTTP - Have you gotten it to work II"
- Next in thread: Zeus: "Re: RPC over HTTP - Have you gotten it to work II"
- Reply: Zeus: "Re: RPC over HTTP - Have you gotten it to work II"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
