exchange for external access.

sina2011

hey guys so I just finished learning exchange after 3 months now I have abit of a problem.

I'm Trying to setup OWA for external access but it wont work the things I have done in my configuration are:

1.Opened Ports 80,443,25,110,
2.Created Send Connectors,Recieve Connectors
3.Enabled Outlook Anywhere
4.Bought a Static IP from my ISP
5.created The MX and A Records on my External DNS
6.Obviously bought a domain name

when i go to https://mail.globalmantics.net/owa

I get the error message:

The connection has timed out

The server at mail.globalmantics.net is taking too long to respond.

The site could be temporarily unavailable or too busy. Try again in a few
moments.
If you are unable to load any pages, check your computer's network
connection.
If your computer or network is protected by a firewall or proxy, make sure
that Firefox is permitted to access the Web.

does anybody know where im going wrong any push in the right direction will be appreciated.

Thanks.

Find more posts tagged with

Comments

Chivalry1

First....For security reason I would leave the actual url anonymous.

Second....log onto the server hosting the OWA and try accessing the servers OWA locally by going to http://localhost/owa. If that is successful then that means the server is operational.

Third....Check your firewall settings and your NAT address table.

sina2011

hey chivalry thanks for your response

I have checked it locally and it works but not externally.

Thanks.

Claymoore

You need to set the external url for the OWA site, it is blank by default.

Server Configuration > Client Access > Outlook Web Access > General Tab (RTM): Exchange 2007 Help

Be sure you know how to do it from the command line as well:
Set-OwaVirtualDirectory: Exchange 2010 SP1 Help

Set-OwaVirtualDirectory -Identity "Contoso\owa (default Web site)" -ExternalUrl https://mail.yourservername.com/owa

sina2011

hey claymoore thanks for the reply

Yeah I have already done that.

jibbajabba

Chivalry1 wrote: »

First....For security reason I would leave the actual url anonymous..

Globalmatics is the Trainsignal domain they are using in their videos

Have you tried to telnet to your server using port 443, making sure it is properly configured ?
Using http://<server> without /owa (or SSL) should show the default page of IIS - does this work ?

sina2011

yeah I know that theres is globomantics.com mine is globalmantics.net.

how do I telnet to my server?

Thanks for your reply.

sina2011

hey guys I was just thinking and having a look as well on the net do I need to create a Internal MX record on my internal DNS?

I know its a stupid question its the first time I'm doing this.

undomiel

Sina, sorry to keep being a pain, but it still seems like you're trying to fly before you can walk. I would highly recommend going over some of the Network+ material, I believe it will do you a lot of good. You seem to have a pretty big weakness on the networking side of things. Get DNS and NAT understanding down good then jump back into learning Exchange. You'll get a lot more benefit from your studies then.

Anyhow, the problem at hand. In your router is 80 and 443 both pointed at your Exchange server's internal ip address? Also if mail.globalmantics.net is your real address and not a faked one you do not have your A record setup correctly on GoDaddy. Judging from the registration it does look like your realy domain. This is what I see from an nslookup of mail.globalmantics.net:

Non-authoritative answer:
Name: mail.globalmantics.net
Addresses: 211.27.3.212
210.50.139.84

Get your correct static ip address in there.
Now your MX records:

Non-authoritative answer:
globalmantics.net MX preference = 0, mail exchanger = smtp.secureserver.net
globalmantics.net MX preference = 0, mail exchanger = mail.globalmantics.net
globalmantics.net MX preference = 10, mail exchanger = mail.globalmantics.net
globalmantics.net MX preference = 10, mail exchanger = mailstore1.secureserver.net

You will have some definitely mail flow problems with those, you need to flush everything out and only have mail.globalmantics.net.

When you say you opened up those ports did you do that on your router? Is their a NAT/PAT pointing back to your Exchange server? Do you understand how NAT works and where to use it?

As for telnet, what you would do is open up a prompt and do "telnet mail.globalmantics.net 443" for instance to telnet into port 443. You need to do this external to your connection, it is meaningless from the inside. If it gives you a connect failed or connection refused you know you need to look at your router and firewalls. You will definitely want to learn how to telnet into the smtp port and send e-mails via telnet as it is an invaluable troubleshooting tool.

sina2011

Hi undomiel

answers to your question:
1.Yeah I understand NAT and how it all works I just didnt think about it at that time.
2.I Do have those ports associated with my internal IP.

For the second section of your questions that you asked:

These are the records that I created on my external DNS (Godaddy):

MX mail.globalmantics.net

A mail.globalmantics.net (xxx.xxx.xxx.xxx)

A owa.globalmantics.net (xxx.xxx.xxx.xxx)

A autodiscover.globalmantics.net (xxx.xxx.xxx.xxx)

When you asked this Question: When you say you opened up those ports did you do that on your router? Is their a NAT/PAT pointing back to your Exchange server? Do you understand how NAT works and where to use it?

The only thing I have on my Router that has any NAT configuration information is the following:

Port Restricted Cone NAT & Full Cone NAT

I appreciate what your saying and pointing out my mistakes as i would rather do my mistakes here then in the real world.

Thanks.

KenC

Any luck getting this resolved?
It does seem to be a port forward issue on your router at first glance, not sure if this is what you mean when you say you have "associated" the ports with internal IP.
Have you tried external access using an IP address instead?
Kenneth.

jibbajabba

sina, to telnet, open a command prompt and type

telnet mail.globalmantics.net 443

If it turns into a blank / black screen, then you know you get through to the server via https and if OWA still doesn't work then it is a configuration issue.

If you get an error that the server doesn't response / can't connect, then it is a port forwarding issue.

If you are on Windows 7 / 2008 then you will need to install the telnet client first (add / remove windows features > telnet client).

pespi_man

Sina, i had issues with my OWA when I was building my home lab.

For me it was the Go Daddy settings...

My settings can be found here -

godaddy | Flickr - Photo Sharing!

(Let me know if this doesnt work, havent used Flickr before)

Also http://www.mxtoolbox.com/SuperTool.aspx is a easy way to see if the correct ports are open.