0

I have exchange 2013 server within the company operates correctly:

Owa it's OK Outlook it's Ok Send and receive emails without problems. Has generated self-signed certificates.

When trying to access from outside the company:

The OWA service works properly. Outlook simply does not connect and gives the error "The server must be online or connected ..." I had the same problem when accessing internally but resolved with the implementation of self-signed certificates and their deployment in the network.

The configuration on the utm is:

Services: STMP: 25 POP3: 110 and 995 IMAP: 143 and 993 Active Sync 80 and 443

What can be the problem? Thanks in Advance.

TheCleaner
  • 32,627
  • 26
  • 132
  • 191
  • 2
    Try to troubleshoot your problem using: https://testconnectivity.microsoft.com/ – Scorpion99 Dec 31 '14 at 17:47
  • 1
    I have to agree with @Scorpion99 to start with, the test site is a great place to start. Also start with the basics, such as whether Outlook Anywhere is enabled, RPC client settings (how are you connecting using Outlook), etc.? Work on connecting before being concerned with sending/receiving. With Exchange and Outlook, you will probably want your profile to be set up for Exchange Server (generally you wouldn't use POP unless your connecting to your ISP or other email provider). Eliminate the basic stuff first. – SOSidb Dec 31 '14 at 18:43

3 Answers3

3

Don't use a self-signed certificate with Exchange. It's cheap enough to get a valid cert that will allow Outlook Anywhere to work properly. In addition you don't have to mess with mobile phones or tablets that would need the self-signed certificate trusted and installed.

TheCleaner
  • 32,627
  • 26
  • 132
  • 191
0

testconnectivity.microsoft.com does not work self-signed certificates. 1. first make sure this self-signed certificate is imported as trusted certificate in the client machine. 2. then try to create a new outlook profile, check if it is successful. 3. also you need make sure the Autodiscover is work when outside the company.

Denny
  • 1
  • 1
0

Sounds like you need to configure virtual directories. The following cmdlets will display the current settings:

Get-ClientAccessServer | FT Name,AutodiscoverServiceInternalUri -Autosize

Get-OabVirtualDirectory | FL ExternalURL,InternalURL

Get-WebServicesVirtualDirectory | FL ExternalURL,InternalURL

Get-OutlookAnywhere | FT Name,*hostname* -Autosize

Get-OutlookProvider

For the first four, the output will show the "internal" name of the Exchange server. What you need in order to make it work is to decide what name it will have both for internal and external access. Generally, the suggested approach is to user split DNS and have the certificate to include the FQDN of the server, which will be only the "external" one, as no CA will issue a certificate for the internal name. For example, you decide to use mail.contoso.com. This will require you to create DNS zone in your internal DNS which will be named contoso.com. Define an A record that will point to the internal IP of the Exchange server, same should be done for the access from outside ( as well open port 443).

in order to define the vdirs correctly, I suggest you use the following script: http://jaworskiblog.com/2013/04/13/setting-internal-and-external-urls-in-exchange-2013/

For the last setting, define the EXPR as explained here: http://blogs.technet.com/b/exchange/archive/2008/09/26/3406344.aspx

Vick Vega
  • 2,398
  • 16
  • 22