Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Outlook Web Access
- Thread starter yakker
- Start date
ashleym
MIS
- Mar 30, 2001
- 375
What exact error do you get in your browser?
Check permissions on the exchange virtual directory in IIS, make sure it is not set to anonymous or windows compatable, but a third one, its the only other option, I just forget it right now.
This is for Exchange 2000, right?
Ashley
Check permissions on the exchange virtual directory in IIS, make sure it is not set to anonymous or windows compatable, but a third one, its the only other option, I just forget it right now.
This is for Exchange 2000, right?
Ashley
Guest_imported
New member
- Jan 1, 1970
- 0
Hi Ashley
When I connect from outside the office I don't get an error but I also don't see any of my messages in my inbox.(//domainname/Exchange). But when I connect from within the office I can see all my messages.(//localIPaddress/Exchange)
I tried changing the permissions like you said but then I got a screen saying I was not authorised to view the page so I changed it back??
Thanks again any assistance would be appreciated...
Cheers Sandy
When I connect from outside the office I don't get an error but I also don't see any of my messages in my inbox.(//domainname/Exchange). But when I connect from within the office I can see all my messages.(//localIPaddress/Exchange)
I tried changing the permissions like you said but then I got a screen saying I was not authorised to view the page so I changed it back??
Thanks again any assistance would be appreciated...
Cheers Sandy
ashleym
MIS
- Mar 30, 2001
- 375
Well the fact that you can connect from within the office, means it is definitely a permissions issue. I would check out all of the permissions within IIS5, check all the directories and make sure they are set to Anonymous, except the Exchange virtual directory which should be set to BASIC only. Stop and reststart the Default Websiste then test from outside. If there is someone you can call at home or outside your office who has high speed internet and can jump into their browser for you, that would make it faster.
I have gotten this to work, I know how frustrating it is. Let me know if you have more questions.
Good Luck!
Ashley
I have gotten this to work, I know how frustrating it is. Let me know if you have more questions.
Good Luck!
Ashley
I agree with the permissions-related solutions from earlier replies, but want to point out a less-than-obvious tweak you might want to think about:
Don't use port 80 unless you have to...I have a client with Exchange 2k whose OWA is accessed through a Linux comm (mail & routing) server that does *not* have port 80 open.
Whether you use what I do (jumpgate on linux) to do the port forwarding or not, it is wise to use an alternative port. If you are not using the server as a web server, set your IIS to use any port in the range 1024-65535. If you are running SQL or anything else that might conflict with a randomly chosen port, then check this link: to look for an open port. I'd suggest something in the 7000-10000 area.
If you tell IIS to use a port other than 80, then you will protect yourself from Code Red/Nimda variants through obscurity. The client I speak of is on a dial-up connection, so just the ARP-RARP packets from the already-infected (and unpatched) IIS boxes on the external network would severely affect the connection's usability, if port 80 was in use.
Finally, have your clients use an address like: (subsitute your actual port for the 9999) and they *should* get a login prompt using Windows authentication. The OWA will give a small, undocumented error when expanding the folder tree, but it is worth the added safety, and when cleared, is harmless. Good luck!
Don't use port 80 unless you have to...I have a client with Exchange 2k whose OWA is accessed through a Linux comm (mail & routing) server that does *not* have port 80 open.
Whether you use what I do (jumpgate on linux) to do the port forwarding or not, it is wise to use an alternative port. If you are not using the server as a web server, set your IIS to use any port in the range 1024-65535. If you are running SQL or anything else that might conflict with a randomly chosen port, then check this link: to look for an open port. I'd suggest something in the 7000-10000 area.
If you tell IIS to use a port other than 80, then you will protect yourself from Code Red/Nimda variants through obscurity. The client I speak of is on a dial-up connection, so just the ARP-RARP packets from the already-infected (and unpatched) IIS boxes on the external network would severely affect the connection's usability, if port 80 was in use.
Finally, have your clients use an address like: (subsitute your actual port for the 9999) and they *should* get a login prompt using Windows authentication. The OWA will give a small, undocumented error when expanding the folder tree, but it is worth the added safety, and when cleared, is harmless. Good luck!
Guest_imported
New member
- Jan 1, 1970
- 0
I am haveing terrible trouble getting OWA to work at all. It is definitely installed. What is the address, and what do I have to do to get the thing to show?
I go to //server/exchange/default but get an error message all the time. What could be wrong?
I go to //server/exchange/default but get an error message all the time. What could be wrong?
ashleym
MIS
- Mar 30, 2001
- 375
Dbcooper:
I don't know that reccomending a non standard port is necessarily a good idea, while I understand your thoughtfullness towards protecting people from attacks and vulberabilites like code red, there are ways to protect yourself from both, while still using standard ports. How up to date is the network ice port page you linked to? Does it list all known trojan ports? Of course there are known trojans that attack port 80, but I think that with a good firewall and other security measures, you can use standard ports and be relatively safe from attacks.
andrewpalazzo:
The address you can enter is
that should bring up the login, now depending on how you have configured your permissions, you may get three fields, username/password or you may get three, username/password/domain. I would suggest you set the permissions on only the exchange virtual directory to only basic, and that will get you username/password only. If after entering the propper info after that you get "the page cannot be displayed" you still have permission problems in IIS. If you get a different error, post it here so we can see it.
Ashley
I don't know that reccomending a non standard port is necessarily a good idea, while I understand your thoughtfullness towards protecting people from attacks and vulberabilites like code red, there are ways to protect yourself from both, while still using standard ports. How up to date is the network ice port page you linked to? Does it list all known trojan ports? Of course there are known trojans that attack port 80, but I think that with a good firewall and other security measures, you can use standard ports and be relatively safe from attacks.
andrewpalazzo:
The address you can enter is
that should bring up the login, now depending on how you have configured your permissions, you may get three fields, username/password or you may get three, username/password/domain. I would suggest you set the permissions on only the exchange virtual directory to only basic, and that will get you username/password only. If after entering the propper info after that you get "the page cannot be displayed" you still have permission problems in IIS. If you get a different error, post it here so we can see it.
Ashley
- Status
Similar threads
- Locked
- Question
- Locked
- Question
