Microsoft Exchange securing OWA (SSL)

Status
Not open for further replies.

winkongmuang

Hi,

I'm in the process here of securing all our students to go through SSL when accessing OWA through the web. One problem I am running into is that https://email.domain.com is only accessible via the intranet, when connected to the network's ISP. When connecting from an outside ISP and accessing https://email.domain.com, OWA is not found.

Could this be a firewall problem the district is blocking?
External users are unable to securely access our Exchange server within our network.

Thanks
 
I would say that this is either an issue with the firewall blocking the traffic, or it not mapping the external address to the right address inside. It could also be a DNS issue from your ISP; just call them to confirm the records are correct.

It could be that the NAT is mapped correctly but is not letting SSL traffic through.

Try using the IP address instead of the URL and see if that works. If so, it's a DNS issue; if not, I would guess that it is either a NAT mapping, SSL being blocked, or even the server using a different port than the default.

Hope this helps.
 
I tried connecting with the IP address without SSL and it works: http://ipaddress/exchange. Then when I enable SSL and try https://ipaddress/exchange it doesn't work.

Also, how does the whole NATing work? We also have a SonicWALL here.

Thank you

OK, the IP address works with WWW traffic but not SSL.

First off, you need to open up port 443 on the public address that you are using to access OWA on the SonicWALL. I know Cisco, but I have no experience with a SonicWALL. If you give me a model I could help you a little more on configuring it.

The second thing is that you got it to work through the IP address over port 80 ("WWW" traffic). You should also try it by name over port 80 as well. If that doesn't work, you need to call your ISP and have them add a DNS host "A" record mapping the name you want to use to the IP address you are using. If they don't do that or it isn't there, it will never work by name unless you use a hosts file, which can make things a little more confusing if the end users are moving between your local network and the internet when accessing OWA.

If it works over port 80 by name, you only have to worry about the mapping for SSL.

Another thing you might want to look at doing is setting up an address redirect on the OWA server so that when people log in on port 80 they get redirected to SSL automatically. It's a nice thing to have.

If you get the model of the SonicWALL I would love to help with the config. Just don't post any real IP or domain info.

Good luck!
 
Yes,

It is a SonicWALL Pro 230, SonicOS 2.6 Enhanced.


Thanks again.

OK, here are a few links to help out. Take a look at the first one; it is most likely what you need. Unless you have more than one Exchange server, in which case you may want to take a look at the second. To me you have everything in place the way it should be, but you just need to add SSL. Take a look and post any questions you may have.


Enabling Remote Users to Reach Outlook Web Access (OWA) on a Microsoft Exchange Server Behind the So...


SonicOS: Advanced Outlook Web Access (OWA) Configuration with Exchange across SonicWALL Firewall
 
Thanks Bob,

I've enabled all WAN to specifically the LAN IP address of the Exchange server and still there is no luck.

LAN1 is our internal LAN connected with the district
LAN2 is our external LAN (WAN) coming from Time Warner Cable.
We have WAN and LAN going into the WAN and LAN ports of the Sonicwall.

The LAN connection also goes back to the district through their firewall.

Could this be a problem with the district blocking port 443?
Is there a way I can check if this port is open?

It's very difficult to get in touch with the district.

Thank you
 
Well, as hard as it might be, you should get in touch with the district admin of their firewalls; that is more than likely the problem.
 
To test the HTTPS:
1. Change the port for HTTPS (e.g. 5000)
2. Port forward port 5000 to your OWA on the SonicWALL
3. Access via https://10.10.10.66:5000 (10.10.10.66 is the public address of your SonicWALL)
If it works, port 443 might be blocked by the ISP.
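
The checks suggested across this thread (by name versus by IP, port 80 versus 443, and the alternate-port test) can be run in one pass from a machine outside the network. The script below is an added example, not part of the original thread; the function names, the result labels and the wording of the verdicts are assumptions, and the alternate port only means something after steps 1 and 2 above have been done.

```python
import socket
import sys

def tcp_probe(host, port, timeout=5.0):
    """Classify one TCP connection attempt to host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.gaierror:
        return "dns-fail"       # the name did not resolve at all
    except socket.timeout:
        return "timeout"        # packets dropped silently, typical of a filtering firewall
    except ConnectionRefusedError:
        return "refused"        # host answered, but nothing is listening or forwarded
    except OSError:
        return "unreachable"

def diagnose(r):
    """r maps 'name80', 'ip80', 'ip443', 'ip_alt' to tcp_probe() results."""
    if r["ip80"] != "open":
        return "Port 80 by IP fails: check the NAT mapping and firewall rule first."
    if r["name80"] != "open":
        return "IP works but the name does not: DNS issue, check the public A record."
    if r["ip443"] == "open":
        return "443 reachable: TCP path is fine, look at the SSL setup on the server."
    if r["ip_alt"] == "open":
        return "Alternate port works but 443 does not: 443 may be blocked upstream."
    return "No HTTPS port reachable: check the port forward for SSL on the firewall."

def run(name, ip, alt_port):
    """Probe from the machine this runs on (use one outside the network)."""
    results = {
        "name80": tcp_probe(name, 80),
        "ip80": tcp_probe(ip, 80),
        "ip443": tcp_probe(ip, 443),
        "ip_alt": tcp_probe(ip, alt_port),
    }
    return results, diagnose(results)

if __name__ == "__main__":
    if len(sys.argv) < 3:
        sys.exit("usage: owa_check.py PUBLIC_NAME PUBLIC_IP [ALT_HTTPS_PORT]")
    alt = int(sys.argv[3]) if len(sys.argv) > 3 else 5000
    results, verdict = run(sys.argv[1], sys.argv[2], alt)
    for key, value in results.items():
        print(f"{key:7} {value}")
    print(verdict)
```

A "timeout" on 443 alongside an "open" on 80 points at filtering somewhere on the path, while "refused" means the packet reached a device that has no forward or listener for that port.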
 