OWA over the Internet

jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
Has anyone configured this? I am able to access OWA over my LAN, I do have a routable IP block and a registered domain soggyrice.com via godaddy.com.

Just thought I would ask here first before I try to do this on my own, so I just get my feet wet.

Comments

  • HeroPsychoHeroPsycho Inactive Imported Users Posts: 1,940
    Configure the appropriate external URL for OWA, open the proper ports on your firewalls, and that's pretty much it. Get a commercial cert if you don't want external clients getting warnings.
    Good luck to all!
  • marco71marco71 Member Posts: 152 ■■■□□□□□□□
    you need to add a record into your DNS servers for your OWA server
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    HeroPsycho wrote:
    Configure the appropriate external URL for OWA, open the proper ports on your firewalls, and that's pretty much it. Get a commercial cert if you don't want external clients getting warnings.

    K thanks Port 443 is opened for SSL traffic, also configured external URL, I think I still need to modify my ISP domain?
  • shackdaddyshackdaddy Member Posts: 6 ■□□□□□□□□□
    You shouldn't need to mod anything else in DNS. You'd just use the same FQDN for OWA that you use for your MX record, so maybe https://server.soggyrice.com/owa or whatever.

    In general, one of the best tools for troubleshooting the Client Access Server web parts is this site: https://www.testexchangeconnectivity.com/

    A couple of Microsoft guys threw it together to help people figure out where the breakdowns in their configs were, and I probably use it three times a week, at least.

    The tool doesn't test OWA, but it tests inbound SMTP, Outlook Anywhere, AutoDiscover and ActiveSync. Check it out!

    Dave Shackelford
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    Woot look at who's here Shack Daddy himself, I love your stuff man icon_cool.gificon_cool.gificon_cool.gif
  • marco71marco71 Member Posts: 152 ■■■□□□□□□□
    shackdaddy wrote:
    You shouldn't need to mod anything else in DNS. You'd just use the same FQDN for OWA that you use for your MX record...
    ... and you think he has such records (MX, A, CNAME) in DNS (externally DNS servers, which keep records for soggyrice.com) if cant access OWA externally? I bet neither incoming mail-messages will arrive from outside ;)
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    marco71 wrote:
    shackdaddy wrote:
    You shouldn't need to mod anything else in DNS. You'd just use the same FQDN for OWA that you use for your MX record...
    ... and you think he has such records (MX, A, CNAME) in DNS (externally DNS servers, which keep records for soggyrice.com) if cant access OWA externally? I bet neither incoming mail-messages will arrive from outside ;)

    Shack knew we both configured this, when I watched his training :P it's the default godaddy email MX record that is the culprit...
  • marco71marco71 Member Posts: 152 ■■■□□□□□□□
  • HeroPsychoHeroPsycho Inactive Imported Users Posts: 1,940
    MX records haven't a thing to do with OWA. A wrong MX record is not the culprit; however, an associated A record to the name within the MX record obviously could be related if that A record is what you use to connect to OWA.
    Good luck to all!
  • shackdaddyshackdaddy Member Posts: 6 ■□□□□□□□□□
    HeroPsycho is absolutely right: if you don't have DNS right, the rest can't even be properly tested. Really all you need is an A record that points to your static IP, and then an MX record that points to that. Well, not just "an MX record." THE MX record. You don't want any other MX records to exist if you are doing a testbed, although there are plenty of reasons to have others in real life.

    So in the GoDaddy console, delete all the existing MX records. I wouldn't worry about the other CNAME records they've created, unless they conflict with the names you are trying to use. If, for example, you want your A-record to be "soggymail", then you've got no problem, but if you want it to be "mail" you will probably have to change some existing records.

    If you haven't set up an MX record yet, you should still be able to connect to your server by IP and do a manual SMTP test with the EHLO/HELO and all that.

    This is all basic, basic stuff. You'll run into more difficult issues later. :P

    Dave
  • HeroPsychoHeroPsycho Inactive Imported Users Posts: 1,940
    Common practice is not to use IP addresses but fully qualified domain names within MX records. Do not reference a CNAME in your MX record! This way, should your IP ever change, the only change you need to make is to your A record.

    Again, MX records are irrelevant in OWA access, though, so if you're having OWA issues, it's not your MX record.
    Good luck to all!
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    https://webmail.soggyrice.com/owa

    https://soggyrice.com/owa

    Both are A record pointing to the same public IP, I got confused since browsing in a client pointing to an internal DNS server was not able to query this site, perhaps I need to configure forwarders etc. Also it seems like I have to delete my history on IE since it seems to load cached pages, whenever I modify my domain external DNS.
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    Thanks for the help, it's working now, will blow out my installation again to make way to another training...

    Thanks TE!

    Just wanted to add more, when I attempted to uninstall Exchange 2007, it was asking me to run a bunch of errans, such as backup mailbox/address book, and remove it, so in short I blow/deleted the exchange 2007 directory icon_lol.gificon_lol.gif ... after doing so, I encountered about 10 different types of error from my DC to my 64 bit server box, when attempted to reinstall Exchange, I had to run adsiedit.msc, cherry pick registry on deleting some entries, had to run recoverserver, dedcpromo etc. so just a heads up don't do this icon_redface.gif
  • HeroPsychoHeroPsycho Inactive Imported Users Posts: 1,940
    LOL, dude, that's not how you uninstall Exchange. Don't ever do that in production! Do exactly as they say to do it.

    If you're virtualizing, next time snap shot your VM's before an exercise, so you can go back and do it again without rebuilding everything.
    Good luck to all!
  • blargoeblargoe Self-Described Huguenot NC, USAMember Posts: 4,174 ■■■■■■■■■□
    jbaello wrote:
    https://webmail.soggyrice.com/owa

    https://soggyrice.com/owa

    Both are A record pointing to the same public IP, I got confused since browsing in a client pointing to an internal DNS server was not able to query this site, perhaps I need to configure forwarders etc. Also it seems like I have to delete my history on IE since it seems to load cached pages, whenever I modify my domain external DNS.

    if you want that URL to work on your internal DNS (if you internal DNS is also soggyrice) all you have to do is add A records internally, but give it the internal IP instead of the Internet IP.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • blargoeblargoe Self-Described Huguenot NC, USAMember Posts: 4,174 ■■■■■■■■■□
    jbaello wrote:
    Thanks for the help, it's working now, will blow out my installation again to make way to another training...

    Thanks TE!

    Just wanted to add more, when I attempted to uninstall Exchange 2007, it was asking me to run a bunch of errans, such as backup mailbox/address book, and remove it, so in short I blow/deleted the exchange 2007 directory icon_lol.gificon_lol.gif ... after doing so, I encountered about 10 different types of error from my DC to my 64 bit server box, when attempted to reinstall Exchange, I had to run adsiedit.msc, cherry pick registry on deleting some entries, had to run recoverserver, dedcpromo etc. so just a heads up don't do this icon_redface.gif

    Yeah... there's a reason why they went through the trouble of listing all those tasks for you!
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    HeroPsycho wrote:
    LOL, dude, that's not how you uninstall Exchange. Don't ever do that in production! Do exactly as they say to do it.

    If you're virtualizing, next time snap shot your VM's before an exercise, so you can go back and do it again without rebuilding everything.

    Hehe I can see myself waiting in the unemployment line, if I did this, I was just trying to test some scenario for future reference, hey it's possible to reinstall it though icon_lol.gif

    Also for personal reason, I am stirring off virtualization, so everything I do and any problems I encounter, will more likely be closer to a real world experience, I would start running VM as soon I start Windows 2008 or study VMware product.

    Since this is time consuming, I might start creating image via Ghost the only issue is, I have to relearn sysprep again, so I don't generate a duplicate SID.
  • HeroPsychoHeroPsycho Inactive Imported Users Posts: 1,940
    Dude, "the real world" is increasingly virtualized! Jump on the train before you're left in the dust!
    Good luck to all!
Sign In or Register to comment.