0

We have a L2L VPN tunnel that keeps going down - our Exchange 2010 Server is hosted across the tunnel. I am wondering how to force Outlook 2007 to connect via HTTP or HTTPS to the Exchange Server at all times so that this is never an issue. The Exchange server is exposed to the Internet on ports 25, 80, and 443. OWA works when the L2L tunnel is down.

Note that I have already done the "Fast, Slow connections use OWA" trick.

tacos_tacos_tacos
  • 3,220
  • 16
  • 58
  • 97

1 Answers1

3

Go to Tools->Account Settings

Click on the E-mail tab. Click "Change E-mail account".

Click "More Settings". Click on the "Connection" tab. Click "Exchange Proxy Settings". Make sure "On fast networks, connect using HTTP first, then connect using TCP/IP" is checked, as well as "On slow networks, connect using HTTP first, then connect using TCP/IP".

That will force Outlook Anywhere over traditional MAPI.

EDIT

As noted below - if you're using a self signed cert, Outlook Anywhere will almost never work. You'll want to use a third party CA to secure communications. Use www.testexchangeconnectivity.com to troubleshoot Outlook Anywhere issues - if it doesn't work there, it's not likely to on your client machines.

Driftpeasant
  • 3,207
  • 2
  • 20
  • 28
  • I should have added, I've already done this... If there are certificate errors would that prevent Outlook from using HTTP(S)? I'm using a self signed cert – tacos_tacos_tacos Nov 16 '11 at 16:44
  • 1
    Yes. Use www.testexchangeconnectivity.com - if that comes back as a failure for Outlook Anywhere (aka RPC over HTTPS), then your self signed cert won't work. Generically you cannot use a self signed cert for Exchange for Outlook Anywhere unless your issuing CA is specifically trusted by all workstations using Outlook. – Driftpeasant Nov 16 '11 at 16:47
  • Where do I generate the CSR for Exchange? I should do it through EMC, not IIS7 right? – tacos_tacos_tacos Nov 16 '11 at 16:55
  • https://www.digicert.com/easy-csr/exchange2007.htm - input the relevant fields, then copy the string it gives you and run it in Exchange Management Shell (not console). It'll create the CSR you can then give to your third party CA. – Driftpeasant Nov 16 '11 at 16:57
  • I'm running Exchange 2010, but thank you for the info regarding Outlook Anywhere not working with cert errors. I'm accepting your answer, but it would be nice if you could edit it to add the detail of HTTPS access not working with certificate errors. – tacos_tacos_tacos Nov 16 '11 at 17:10
  • Ah, sorry, wrong link then. The premise is pretty much the same though, and you DO request the CSR through the EMC. – Driftpeasant Nov 16 '11 at 17:12