web outlook

amyamandaallen

Hi,

Wonder if any gurus can shed some light please.

We have exchange 2003 and happily run web outlook on our internal network. We have decided to put this facility out onto the web and have requested an external web name and given in an IP address from a set we own. We have got a netscreen router which has port 80 open ( to later become 443 ) to forward the outside IP address to our internal exchange server IP address. There is no firewall on the server itself.

From inside the company we just type http://exchange to get access. If internally we type http://exchange.mickeymouse.co.uk the page fails. However if we type http://exchange.local.mickeymouse.co.uk it works internally fine.

From the outside world we can ping the external address no problem and also ping http://exchange.mickeymouse.co.uk no problem. However we just cant get through to web outlook.

Any ideas as Im pulling my hair out trying to get this to work

PS - Im not walt disney, this is just for reference.

Silver Bullet

Sounds like you need to add a Cname record in DNS for exchange in the mickeymouse.co.ukzone for your exchange server.

Silver Bullet

Are your external ping requests returning the correct IP address?

Can you access your exchange OWA externally by IP Address?

Everlife

Hi there,

We have a similar setup, but use ISA 2000. With our setup, we have specific web publishing rules that redirect requests from the public dns name to the internal dsn name.

I haven't set this up outside an ISA environment, but I'm pretty sure you need some type of web publishing rules. Something like destination: http://exchange.mickeymouse.co.uk, action-> redirect: http://exchange.local.mickeymouse.co.uk.

amyamandaallen

Silver Bullet wrote:

Are your external ping requests returning the correct IP address?

Can you access your exchange OWA externally by IP Address?

yep can ping the external address fine by either external IP or http://exchange.mickeymouse.co.uk

amyamandaallen

Silver Bullet wrote:

Sounds like you need to add a Cname record in DNS for exchange in the mickeymouse.co.ukzone for your exchange server.

Hi,

I presume this is in the forward lookup zone?

Im in the local.mickeymouse.co.uk part and can add a cname but dont really know my way round DNS yet ( the exchange has a static IP )

Any help very grateful

Silver Bullet

So you can access OWA (not ping) externally by IP Address.

amyamandaallen wrote:

Im in the local.mickeymouse.co.uk part and can add a cname but dont really know my way round DNS yet ( the exchange has a static IP )

Who is hosting the mickeymouse.co.uk zone for you? That is where you will need to add a HOST A record for the exchange server and a cname record if it's name is not actually exchange.

garv221

Make sure you have SMTP/IMAP enabled on the firewall for that outside IP. Try to login into the webmail using the IP address, this is a dead give away if you have a DNS or IP/Firewall problem. How many IP's do you have on the exchange server? How many domains run on the server and are they static?

amyamandaallen

cant connect to IP either in web browser ( pings fine )

has just single domain.

every port I could associate with OWA is open as far as I know

Ps - thanks for help so far

Silver Bullet

This is starting to look like an IIS problem. Go check settings in IIS.
Are you running more than one site from IIS?
Are there any Security settings preventing access from certain IP addresses or only allowing connections from certain ranges?

Sounds like you are using Port Forwarding on the Firewall to Forward port 80 to the Private IP address of the exchange server???......have you double checked that is forwarding to the correct IP Address?

Getting a ping reply externally when using port forwarding (whether pinging by IP Address or by Name) can be a false positive. If you have the external name mapped to the external IP address that is assigned to the firewall then it is the firewall that is replying to the ping request, not the exchange server.

If on the other hand you have the external IP address assigned to a second NIC on the Server and the firewall is opening port 80 for this IP address then again, you will want to make sure that IIS is setup to listen for connections for that IP address.

garv221

Basicaly you need port 80 WWW open on the firewall for an IP mapped from the outside to the inside which that static should reside on a IIS server running webmail (not using default web hosting) Secondly you need a DNS server to point the external IP to a legit domain name.

blargoe

Verify first that is isn't actually hitting your server - check c:\windows\system32\logfiles\w3svc1 for recent log files and see if there are entries from Internet IPs