No announcement yet.

RPC over HTTP(S) through Watchguard

  • Filter
  • Time
  • Show
Clear All
new posts

  • RPC over HTTP(S) through Watchguard

    Setting up RPC over HTTP is almost second nature to me so when it doesn't work, I feel like beating my head against a wall!

    I have 2 clients who have just defied all attempts. I can connect when I am locally attached to their networks but not when I am remote. I know I have port 443 properly open as I am using SSL for OWA.

    I have purchased a certificate for both from the same source as the 50 or so other clients I have doing the same thing and verified it again using OWA.

    The only difference is both of these clients are using Watchguard firewalls. One has a Firebox 500 and the other an x500.

    Anything special I need to do on a Watchguard to allow RPC or HTTPS?


  • #2
    Re: RPC over HTTP(S) through Watchguard

    When the end-users access OWA via the firewall, are they getting prompt for "This certificate is not trusted"...?

    We need to ensure that the client OS, should trust this certificate, before configuring the Outlook Profile.


    • #3
      Re: RPC over HTTP(S) through Watchguard

      When you tested the connection inside, did you verify that the connection was indeed on https? In many cases with an internal connection it can appear to be working only to find that it has failed back to TCP/IP.

      The presence of the Watchguard shouldn't cause a problem unless it has some kind of scanning feature enabled which is blocking the traffic, but those don't often apply to SSL traffic.

      Simon Butler
      Exchange MVP

      More Exchange Content:
      Exchange Resources List:
      In the UK? Hire me:

      Sembee is a registered trademark, used here with permission.


      • #4
        Re: RPC over HTTP(S) through Watchguard

        Yes, the certificate is trusted. As I stated, it is a root level certificate from the same authority as about 50 other clients I have connected succesfully.

        As far as the local connection using https, I cannot be sure of this but the port on the Watchguard is open as we use OWA with forms based authentication succesfully over port 443.


        • #5
          Re: RPC over HTTP(S) through Watchguard

          * double-check your dns configuration on the clients
          Need to reach/resolve the Exchange Back-end server name
          (since, this is the one, we provide while configuring the profile)

          * Can you try opening the port 135 on the Firewall?
          (temporary and testing purpose)


          • #6
            Re: RPC over HTTP(S) through Watchguard

            Have you tried posting this over at the Watchguard forums?




            • #7
              Re: RPC over HTTP(S) through Watchguard


              I have a client with SBS 2003 running RPC over HTTPS without problems through a X700. They previously had an X500 which also worked. I don't recall any fancy things that needed to be done in the firewall to get it working. Most problems were on the Outlook end, and starting it with Start, Run, outlook.exe /rpcdiag helped the most. Some systems liked the DNS name in the server name field, some the computer name. Kinda weird, but all of them ended up working one way or another.....

              I'd be happy to review their config if you have specific questions.....