0

I have setup ms exchange 2016 in my company environment, done configured SSL and setup all virtual directory internal and external url as hostname.company.com, but I still can't land OWA when using public network. Is there anything missing in my below configuration?

Currently the network environment is Internet > Link Controller> Exchange

In internal DNS - Host A records for Exchange Server pointed to internal IP address (192.X.X.X) - Host A records for autodiscover.company.com pointed to exchange internal IP (192.X.X.X) - MX records for exchange.company.com

In external DNS - Host A records for autodiscover.company pointed to external IP of exchange server - Host A records for exchange pointed to external IP of exchange server

Using public network i'm able to ping exchange.company.com and autodiscover.company.com that resolve to the external IP of my exchange server.

In exchange server, i can telnet Load Balancer IP with port 443.

Any thing else i can check?

Thanks!

Minami
  • 23
  • 1
  • 7
  • Have you checked your Windows firewall settings, are you allowing 443? Do you have hostname.company.com in external DNS pointing to the external IP address? – Vick Vega Sep 30 '19 at 03:00
  • Hi Vick, yes i can telnet 443 from public network, added host a records for exchange pointing to external IP address.. thanks.. – Minami Sep 30 '19 at 03:31
  • can you confirm connection is accepted by Exchange server and NOT load-balancer? Are you able to point the traffic form the firewall directly to Exchange? – Vick Vega Sep 30 '19 at 03:39
  • how can i check the exchange server connection is accepted? from the exchange server, i opened wireshark, i able to see the load balancer IP direct to my exchange server but with connection reset error? – Minami Sep 30 '19 at 05:54
  • Sounds like you need to review your load-balancer config. Have you loaded the cert on the VIP? Or you sending traffic strait through? – Vick Vega Sep 30 '19 at 06:47
  • Hi Vick, apparently it is directly from LC as i checked with the network teams, the traffic from LC are straight to exchange.. – Minami Sep 30 '19 at 07:25
  • Do you have a trusted cert installed? Exchange relies heavily on having a valid certificate. Any online tests you're doing may fail, purely based on the invalid certificate. Also, Please check if configured the externalurl for OWA virtual directory, using Set-OwaVirtualDirectory. – Beverly Gao Oct 01 '19 at 08:27
  • the cert did have revocation check failed, but our lead told that it wont be an issue toward the connection. for the external url, yes we configured all url for virtual directory, eg. exchange.company.com – Minami Oct 01 '19 at 08:43
  • Hi, has your issue been fixed now? – Beverly Gao Oct 17 '19 at 09:48

0 Answers0