Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Outlook over internet 1

Status
Not open for further replies.
RustyAfro

RustyAfro

Programmer
Jan 12, 2005
332
US
I am trying to connect a workstation Outlook 2003 using HTTP.

I followed all the instructions from RWW, but receive this error:

"The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action".

My users login account format is: FirstLast
And there mailbox is: first.last@mycompany.com

During the setup, Exchange Server Settings, it asks for User Name ("Type the name of the mailbox set up for you by your administrator"). I wasn't sure if that would be FirstLast or first.last or even first.last@mycompany.com. I put FirstLast as that is the user name to login to RWW.

Other than that, I am not sure what else I might have done wrong. Is there a log file on the workstation or server I can check to find out what the problem is?
 
Sort by date Sort by votes
Check out both of these documents. The first for verifying that you've done the setup properly, the second to help you diagnose the problem if you HAVE followed the right setup steps:


There are a few things you might not have to do since you are working from an SBS platform, but most will apply.


ShackDaddy
Shackelford Consulting
 
Upvote 0 Downvote
ShackDaddy,

Before I take these steps, I wanted to get your opinion about RPC over HTTP security versus strictly going through the VPN for outlook. For this client, I could go either way.

VPN with Outlook works nicely as of now, as does RWW. The computers at the satellite office (the main office has the sbs server) are easy for me to setup for vpn and outlook. When employees are on the road or at home, RWW outlook access is more than sufficient. I have read that RPC is less secure, and if that is the case, I could just stick with the VPN method.

What do you think?

 
Upvote 0 Downvote
I think that RCP-over-HTTPS is quite secure. The reason I would prefer it over VPN is that it is a technology that is transparent to the user. Once it's deployed, they can access their email in the office or outside the office, on any wireless lan, with no need to reconfigure anything. You can't guarantee that all networks will support the VPN protocols, but most will support HTTP/HTTPS.

Users are still prompted for login info when they start up Outlook so you still have authentication involved in case the user gets their laptop stolen. It's authentication requirements are identical to those of a VPN, as far as I can tell.

The most obvious level on which RPC-over-HTTPS is more secure is that of access: it won't allow you to access file shares in the network, only the mailbox you're connected to.

ShackDaddy
Shackelford Consulting
 
Upvote 0 Downvote
Hi Shackdaddy,

With the VPN issues I am experiencing I decided to work on this problem to at least get email working.

I checked both links and everything seemed to be ok.

I found this link at microsoft and eventually did run into a problem.

In the "Verify RPC Virtual Directory Configuration" link there was a step to go to this link from an external connection:
Except to substitute with my FQDN.

As I understand it, my FQDN is
I went to and I received a certicate warning as expected and installed the certificate. I then was prompted to login and the login was accepted. According to the microsoft link:

"You will see a blank page in your browser and there will be a lock icon in the Status Bar of your browser. This indicates that you have successfully established a secured (SSL) connection with the server. Again, this is the expected behavior and indicates that the RPC Virtual Directory is configured correctly on the server."

This is exactly what occured. However, after closing IE and trying it again, the same certificate error occured. I repeated the same steps with the same results. Everytime I try, the cert error appears.

The cert is from "mycompany.com". It seems that even though I install it, after going to "servername.mycompany.com" it does not accept it.

So I feel like perhaps I am doing something wrong with how I setup the Outlook over Internet on the esrver and the reason an external outlook connection fails is because of a certificate issue. But I can't seem to figure out how to fix it if this is in fact the problem.

Any other ideas?
 
Upvote 0 Downvote
The cert is just "mycompany.com". When I setup the server using the wizards, I only had one option to create a single cert.

Having the cert be just "mycompany.com" prevented users from getting the cert error once they installed it when going to "mycompany.com/remote" for RWW login.

My server is named "sbs-server"

I am pretty sure that if I change the cert to "sbs-server.mycompany.com", then when users go to "mycompany.com/remote", they will always get the cert error even after installing it.

I have an A record setup for "mail.mycompany.com", " and "sbs-server.mycompany.com". The MX record is just "mycompany.com" and is a CNAME pointing to "mail.mycompany.com". All those records point to my servers IP address.

Is there a way to have a cert for RWW and one for Exchange? If so, where do I go to create seperate certs.

I think if I have a matching cert for what I put in the clients workstation my problems will be resolved. I would like to put "mail.mycompany.com" in the outlook setting of the client workstation as it fits the purpose.
 
Upvote 0 Downvote
Alright, I got it to work!! :)

It was the certificate issue I described.

I launched the internet wizard again and made the certificate sbs-server.mycompany.com.

On the external clients workstation, I installed the cert, and launched outlook.

Ran into one more small problem, but figured it out quickly. The user name must be "domain/userid" (or "mycompany/userid").

I will probably change the DNS to be "svr.mycompany.com" and the cert to match so that it's easier to remember for RWW unless there is a way to have seperate certs (one for exchange, one for rww). Is that possible??
 
Upvote 0 Downvote
No way to have separate certs unless you have two static IPs and can bind both to the external interface of your firewall. Each SSL cert needs to have its own IP. HTTPS doesn't use host headers like straight HTTP, so you can't host more than one HTTPS FQDN on an IP.

ShackDaddy
Shackelford Consulting
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

nukeinfer
  • Locked
  • Question
Internet restrictions for isolated PCs in the Network
Replies
1
Views
607
mangentle
mangentle
AlfonsoSF
  • Locked
  • Question
Esplorer (not the internet browser) hangs in a user RDP session ins a W2016 vsphere virtual machine.
Replies
1
Views
234
hairlessupportmonkey
hairlessupportmonkey
techbrain1
  • Locked
  • Question
No connection to internet through wireless connection
Replies
1
Views
174
kjv1611
kjv1611
bhimmler
  • Locked
  • Question
Looking for a way to Capture/Log high CPU Utilizing Processes over time.
Replies
0
Views
139
bhimmler
bhimmler
sgtBlueBird
  • Locked
  • Question
Win Server 2003 R2 SP2 32bit Internet Connection sharing Error
Replies
0
Views
131
sgtBlueBird
sgtBlueBird

Part and Inventory Search

Sponsor

Back
Top