4

I have an Exchange server behind an ISA 2004 server and from inside the network, it's possible to access Outlook Web Access. I have published the server but from outside the network I'm not even getting to the login screen. The ISA log indicates that the HTTPS traffic on port 443 is being blocked by my default deny-all rule.

How do I go about resolving this problem?

David Pashley
  • 23,151
  • 2
  • 41
  • 71
Istari
  • 272
  • 2
  • 5
  • 10

3 Answers3

2

Turns out that there was an issue with the SSL certificate. I resolved the issue by deleting the relevant certificates on both the ISA server and SBS server. I created a new certificate on my SBS Server and then exported the certificate (with it's private key) to the ISA server. I changed the OWA Listener to make use of the new certificate and voila!

Thanks for pointing me in the right direction

Istari
  • 272
  • 2
  • 5
  • 10
1

You have to activate SSL (checkbox) on the weblistener for the public IP address.

Do you allow the https protocol (tcp port 443) in your inbound rules? Is it enabled?

There is a good tutorial for ISA Server 2004 here: Publishing Outlook Web Access (OWA) Sites using ISA Server 2004 Firewalls

For ISA Server 2006, look here: Using the 2006 ISA Firewall (RC) to Publish OWA Sites – Single Exchange Server Scenario

splattne
  • 28,348
  • 19
  • 97
  • 147
  • Thanks for the response but I have SSL enabled and have followed the instructions in that tut, but with no luck. – Istari May 08 '09 at 10:41
  • Updated my answer: "Do you allow the https protocol in your inbound rules? Is it enabled?" – splattne May 08 '09 at 11:45
0

If it's hitting the default deny-all rule it means it's skipping your custom rule for some reason.

You need to figure out why that is, check the DNS, ports etc.

Bravax
  • 511
  • 3
  • 12
  • I've created a rule which specifically allows https inbound. Now I can see the connection being allowed in my ISA log, but users get the following browser error message: Data Transfer Interrupted The connection to concept was interrupted while the page was loading. The browser connected successfully, but the connection was interrupted while transferring information. Please try again. – Istari May 08 '09 at 12:32
  • That sounds like your connection to exchange server is being disrupted after users connect through isa server... There are quite afew google posts about that message though. – Bravax May 08 '09 at 12:47