Discussion:
RPC over HTTP works internally but not over internet via ISA
(too old to reply)
Smokey Grindel
2008-06-11 20:42:33 UTC
Permalink
We had this working in the past... but we made changes today to get
OMA/ActiveSync working and now our RPC Outlook connection on the internet
doesnt want to authenticate... this goes through an ISA 2004 SP3 server...
When we connect to our RPC over HTTP service internally all works great! go
outside the firewall and it will look like its trying to connect... I did
the outlook -rpcdiag and this is what happens

mailserver.domain.com Type DIrectory Status Connecting..

a dialog pops up asking to connect to mailserver.domain.com... I enter the
DOMAIN\user and password... click OK it shows up again... nothing changes at
all on the Microsoft Exchange Connection status window... this just keeps
happening again and again until I click cancel...

now if I go to https://domain.com/rpc it gives me the same connect to domain
dialog... I enter the same info first time goes again enter it again...
repeat screen enter it a third time it says "HTTP Error 401.3 -
Unauthorized: Access is denied due to an ACL set on the requrested
resource.".. well it works inside the building so not sure whats up... but
then some places say this is the message you are supose to get! If I go to
(from outside the firewall) https://domain.com/rpc/rpcproxy.dll I get a
Error Code 64: Host not available... which again some places say to
expect... so what is going wrong here? I have in ISA 2004 the HTTPS web
filter set up using the publishing mail server wizard that is in ISA... OWA
and OMA work fine! It has ssl set up and everything using Basic
authentication... where should I start looking?
Smokey Grindel
2008-06-12 12:49:10 UTC
Permalink
Accidently stumbled upon something that made it work in ISA... we had basic
authentication only turned on in the filter that ran the site for exchange
in ISA... well enabled intrgrated as a possible method on the filter too and
now it works again
Post by Smokey Grindel
We had this working in the past... but we made changes today to get
OMA/ActiveSync working and now our RPC Outlook connection on the internet
doesnt want to authenticate... this goes through an ISA 2004 SP3 server...
When we connect to our RPC over HTTP service internally all works great!
go outside the firewall and it will look like its trying to connect... I
did the outlook -rpcdiag and this is what happens
mailserver.domain.com Type DIrectory Status Connecting..
a dialog pops up asking to connect to mailserver.domain.com... I enter the
DOMAIN\user and password... click OK it shows up again... nothing changes
at all on the Microsoft Exchange Connection status window... this just
keeps happening again and again until I click cancel...
now if I go to https://domain.com/rpc it gives me the same connect to
domain dialog... I enter the same info first time goes again enter it
again... repeat screen enter it a third time it says "HTTP Error 401.3 -
Unauthorized: Access is denied due to an ACL set on the requrested
resource.".. well it works inside the building so not sure whats up... but
then some places say this is the message you are supose to get! If I go to
(from outside the firewall) https://domain.com/rpc/rpcproxy.dll I get a
Error Code 64: Host not available... which again some places say to
expect... so what is going wrong here? I have in ISA 2004 the HTTPS web
filter set up using the publishing mail server wizard that is in ISA...
OWA and OMA work fine! It has ssl set up and everything using Basic
authentication... where should I start looking?
Loading...