OWA over the Internet

Has anyone configured this? I am able to access OWA over my LAN, I do have a routable IP block and a registered domain soggyrice.com via godaddy.com.

Just thought I would ask here first before I try to do this on my own, so I just get my feet wet.

Find more posts tagged with

Comments

HeroPsycho

Configure the appropriate external URL for OWA, open the proper ports on your firewalls, and that's pretty much it. Get a commercial cert if you don't want external clients getting warnings.

marco71

you need to add a record into your DNS servers for your OWA server

jbaello

HeroPsycho wrote:

Configure the appropriate external URL for OWA, open the proper ports on your firewalls, and that's pretty much it. Get a commercial cert if you don't want external clients getting warnings.

K thanks Port 443 is opened for SSL traffic, also configured external URL, I think I still need to modify my ISP domain?

shackdaddy

You shouldn't need to mod anything else in DNS. You'd just use the same FQDN for OWA that you use for your MX record, so maybe https://server.soggyrice.com/owa or whatever.

In general, one of the best tools for troubleshooting the Client Access Server web parts is this site: https://www.testexchangeconnectivity.com/

A couple of Microsoft guys threw it together to help people figure out where the breakdowns in their configs were, and I probably use it three times a week, at least.

The tool doesn't test OWA, but it tests inbound SMTP, Outlook Anywhere, AutoDiscover and ActiveSync. Check it out!

Dave Shackelford

jbaello

Woot look at who's here Shack Daddy himself, I love your stuff man

marco71

shackdaddy wrote:

You shouldn't need to mod anything else in DNS. You'd just use the same FQDN for OWA that you use for your MX record...

... and you think he has such records (MX, A, CNAME) in DNS (externally DNS servers, which keep records for soggyrice.com) if cant access OWA externally? I bet neither incoming mail-messages will arrive from outside

jbaello

marco71 wrote:

shackdaddy wrote:

You shouldn't need to mod anything else in DNS. You'd just use the same FQDN for OWA that you use for your MX record...

... and you think he has such records (MX, A, CNAME) in DNS (externally DNS servers, which keep records for soggyrice.com) if cant access OWA externally? I bet neither incoming mail-messages will arrive from outside

Shack knew we both configured this, when I watched his training :P it's the default godaddy email MX record that is the culprit...

marco71

so, it's working now?

HeroPsycho

MX records haven't a thing to do with OWA. A wrong MX record is not the culprit; however, an associated A record to the name within the MX record obviously could be related if that A record is what you use to connect to OWA.

shackdaddy

HeroPsycho is absolutely right: if you don't have DNS right, the rest can't even be properly tested. Really all you need is an A record that points to your static IP, and then an MX record that points to that. Well, not just "an MX record." THE MX record. You don't want any other MX records to exist if you are doing a testbed, although there are plenty of reasons to have others in real life.

So in the GoDaddy console, delete all the existing MX records. I wouldn't worry about the other CNAME records they've created, unless they conflict with the names you are trying to use. If, for example, you want your A-record to be "soggymail", then you've got no problem, but if you want it to be "mail" you will probably have to change some existing records.

If you haven't set up an MX record yet, you should still be able to connect to your server by IP and do a manual SMTP test with the EHLO/HELO and all that.

This is all basic, basic stuff. You'll run into more difficult issues later. :P

Dave

HeroPsycho

Common practice is not to use IP addresses but fully qualified domain names within MX records. Do not reference a CNAME in your MX record! This way, should your IP ever change, the only change you need to make is to your A record.

Again, MX records are irrelevant in OWA access, though, so if you're having OWA issues, it's not your MX record.

jbaello

https://webmail.soggyrice.com/owa

https://soggyrice.com/owa

Both are A record pointing to the same public IP, I got confused since browsing in a client pointing to an internal DNS server was not able to query this site, perhaps I need to configure forwarders etc. Also it seems like I have to delete my history on IE since it seems to load cached pages, whenever I modify my domain external DNS.

jbaello

Thanks for the help, it's working now, will blow out my installation again to make way to another training...

Thanks TE!

Just wanted to add more, when I attempted to uninstall Exchange 2007, it was asking me to run a bunch of errans, such as backup mailbox/address book, and remove it, so in short I blow/deleted the exchange 2007 directory

... after doing so, I encountered about 10 different types of error from my DC to my 64 bit server box, when attempted to reinstall Exchange, I had to run adsiedit.msc, cherry pick registry on deleting some entries, had to run recoverserver, dedcpromo etc. so just a heads up don't do this

HeroPsycho

LOL, dude, that's not how you uninstall Exchange. Don't ever do that in production! Do exactly as they say to do it.

If you're virtualizing, next time snap shot your VM's before an exercise, so you can go back and do it again without rebuilding everything.

blargoe

jbaello wrote:

https://webmail.soggyrice.com/owa

https://soggyrice.com/owa

Both are A record pointing to the same public IP, I got confused since browsing in a client pointing to an internal DNS server was not able to query this site, perhaps I need to configure forwarders etc. Also it seems like I have to delete my history on IE since it seems to load cached pages, whenever I modify my domain external DNS.

if you want that URL to work on your internal DNS (if you internal DNS is also soggyrice) all you have to do is add A records internally, but give it the internal IP instead of the Internet IP.

blargoe

jbaello wrote:

Thanks for the help, it's working now, will blow out my installation again to make way to another training...

Thanks TE!

Just wanted to add more, when I attempted to uninstall Exchange 2007, it was asking me to run a bunch of errans, such as backup mailbox/address book, and remove it, so in short I blow/deleted the exchange 2007 directory ... after doing so, I encountered about 10 different types of error from my DC to my 64 bit server box, when attempted to reinstall Exchange, I had to run adsiedit.msc, cherry pick registry on deleting some entries, had to run recoverserver, dedcpromo etc. so just a heads up don't do this

Yeah... there's a reason why they went through the trouble of listing all those tasks for you!

jbaello

HeroPsycho wrote:

LOL, dude, that's not how you uninstall Exchange. Don't ever do that in production! Do exactly as they say to do it.

If you're virtualizing, next time snap shot your VM's before an exercise, so you can go back and do it again without rebuilding everything.

Hehe I can see myself waiting in the unemployment line, if I did this, I was just trying to test some scenario for future reference, hey it's possible to reinstall it though

Also for personal reason, I am stirring off virtualization, so everything I do and any problems I encounter, will more likely be closer to a real world experience, I would start running VM as soon I start Windows 2008 or study VMware product.

Since this is time consuming, I might start creating image via Ghost the only issue is, I have to relearn sysprep again, so I don't generate a duplicate SID.

HeroPsycho

Dude, "the real world" is increasingly virtualized! Jump on the train before you're left in the dust!