Sonicwall Firewall Issue

mipouk Member Posts: 37
Hi Guys,

Got an interesting issue with our SonicWall at work. Seemingly after we changed over to a leased line and new external IP, the webmail is pointing to our server02 instead of Server04. When typing in the webmail address, the usual certificate error comes up, but when viewing the certificate, it states the certificate name as Server02. When you go onto server02 and stop the default website, the webmail doesn't come up at all.

For some reason HTTPS traffic is being pointed to the wrong server. I know this topic is entitled SonicWall, but could it perhaps be something else? If I ping webmail.mydomain.com I get the correct external IP. IIS is all set up correctly on server04 but I can't make HTTPS traffic go to it!

Comments

  • RussS Member Posts: 2,068
    Sounds like a config issue in the firewall possibly. Check what port forwarding you have and you should probably find 1 rule doesn't match.
    www.supercross.com
    FIM website of the year 2007
  • undomiel Member Posts: 2,818
    I will concur with RussS, it sounds like a forwarding issue in the SonicWall.
    Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
  • macdude Member Posts: 173
    You need to have a rule set up that allows https traffic to your mail server. It sounds like you have a rule set up but for the wrong server.

    Is server02 or server04 your mail server?
  • sprkymrk Member Posts: 4,884
    Do an nslookup for your domain's mx record.

    nslookup
    set type=mx
    yourdomain.com

    See what it says, it might be a DNS issue. Maybe your new firewall is getting information from an incorrect DNS entry?
    All things are possible, only believe.
  • undomiel Member Posts: 2,818
    An MX record issue though would affect mail flow and not OWA; that's why it is more likely to be an incorrect rule for NAT.
    Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
  • mipouk Member Posts: 37
    Yeah, my MX record is set correctly and I've added the correct entry into our external DNS at 123reg; this now resolves webmail.mydomain.com to my external IP.

    I've been doing some more checking and I've got port 443 open for all sorts of connections; something isn't right on the firewall, I'm thinking. Server04 is my mail server, IIS is all correct there, just need to get 443 forwarded to it!

    I'm going to do some more checking and will let you know what I find. Many thanks for the help so far, it's very much appreciated by me, and hopefully my colleagues once I sort the issue!

    cheers.
  • dan_9141 Member Posts: 17
    You could try and change the rule priority that should be forwarding 443 to server04 to "1". If this corrects the issue there is another rule that is forwarding 443 to server02. If it doesn't fix the issue there could be something wrong with the rule or maybe the address object.
  • mipouk Member Posts: 37
    Hi guys,

    Since disabling some other 443 rules on the firewall, we now have webmail.mydomain.com/exchange going to server04, the correct server.

    However, now when I load up the webmail page using the IP, or the name "webmail", as soon as I click the certificate error which says Continue to this website, I don't get the username and password box for web access with the blue background; it doesn't even go that far.

    What I do get is a normal grey Windows username and password box, with an icon of some keys in the top left. Whatever username and password I try, it won't let me in.

    This points to an IIS issue, does it not? Any thoughts?
  • dan_9141 Member Posts: 17
    Just a few questions.....

    From your original post you said that everything was working before you changed to a leased line, was the previous configuration going to server04?

    Which version of Exchange are you running? 2003?

    Did you try to log on using username@mydomain.com?

    Any errors in the log files? Are you even getting to webmail.mydomain.com/exchange?
  • tdempsey Member Posts: 28
    Can you pull up the site from the server it's hosted on?

    If you can, I would move to another server in the DMZ (on the same subnet) and see if you can pull up the website from that machine. If yes, start looking at the firewall again.

    One thing you could consider, if you are still not certain if it's the firewall, is to temporarily add a rule for any > any, put it at the top and enable it. Test again. Is it working?

    NOW DISABLE RULE IMMEDIATELY and save config.
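
The rule-priority point raised in the thread (an earlier 443 rule sending traffic to server02 before the server04 rule is ever reached), as an added example that is not part of the original posts and does not use SonicWall's own rule format. The rule model, rule names and the 203.0.113.10 address are assumptions made for illustration; it reports which forwarding rule wins for a connection and which rules can never fire.

```python
from dataclasses import dataclass, replace
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class ForwardRule:
    priority: int   # lower number is evaluated first
    name: str
    dst_ip: str     # public address the rule matches, or "any"
    port: int       # public TCP port
    target: str     # internal server that receives the traffic
    enabled: bool = True

def _active(rules: List[ForwardRule]) -> List[ForwardRule]:
    return sorted((r for r in rules if r.enabled), key=lambda r: r.priority)

def winning_rule(rules, dst_ip, port) -> Optional[ForwardRule]:
    """First enabled rule, in priority order, that matches the connection."""
    for rule in _active(rules):
        if rule.port == port and rule.dst_ip in ("any", dst_ip):
            return rule
    return None

def shadowed_rules(rules) -> List[Tuple[ForwardRule, ForwardRule]]:
    """(shadowed, shadowing) pairs: an enabled rule that can never fire because
    an earlier enabled rule covers the same traffic and forwards it elsewhere."""
    ordered, pairs = _active(rules), []
    for i, later in enumerate(ordered):
        for earlier in ordered[:i]:
            if (earlier.port == later.port
                    and earlier.dst_ip in ("any", later.dst_ip)
                    and earlier.target != later.target):
                pairs.append((later, earlier))
                break
    return pairs

def with_rule_disabled(rules, name):
    """Copy of the rule list with the named rule disabled."""
    return [replace(r, enabled=False) if r.name == name else r for r in rules]

# Constructed sample rules; 203.0.113.10 is a documentation address.
RULES = [
    ForwardRule(1, "old-web-https", "any", 443, "server02"),
    ForwardRule(2, "owa-https", "203.0.113.10", 443, "server04"),
    ForwardRule(3, "smtp-in", "203.0.113.10", 25, "server04"),
]

if __name__ == "__main__":
    print("443 goes to:", winning_rule(RULES, "203.0.113.10", 443).target)
    for lost, winner in shadowed_rules(RULES):
        print(f"{lost.name} is shadowed by {winner.name} -> {winner.target}")
    fixed = with_rule_disabled(RULES, "old-web-https")
    print("after disabling:", winning_rule(fixed, "203.0.113.10", 443).target)
```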