Announcement

Collapse
No announcement yet.

RPC http(s)

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • RPC http(s)

    Dear Community,

    I somehow cannot get RPC over http(s) to work.

    Scenario is following:

    Windows 2003 R1 (sp2 installed)
    Exchange 2003 (sp2 installed)
    ISA 2004 (sp3 installed)

    - If I connect through VPN, or am in local LAN network, I can connect with Outlook using Exchange;
    - OWA is working, through https.

    Configuration is following:


    1. First I setup Outlook 2003 in LAN (or through VPN a laptop) for connecting to for e. "server.office.local" - here giving the local address, not the "mail.servername.hu"

    2. Modify the Email settings at "Connections" for connecting exchange through http

    3. Exchange proxy settings are https://mail.servername.hu, only connect using SSL, proxy name is msstd:mail.servername.hu

    4. Click on both "On fast networks..." and "Slow networks" so that both are enabled

    5. Using NTLM authentication.


    Okay, now the server-side:

    Right click on RPC (IIS, Default-Web-Site), Directory security is set up for using 128bit and SSL connections and no anonymous is allowed but Basic authentication.

    ISA 2004 has a rule to allow rpc from external to local host.


    Is there anything else, I should set up?! Can You tell me what information I should provide, because I don't see really the point why it does not work.


    Thanks in advance,



    Frank

  • #2
    Re: RPC http(s)

    Do you have a third party certificate installed in IIS?
    Without it you will get nowhere!

    I don't know about the ISA side....
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: RPC http(s)

      Originally posted by frank_koncz View Post
      Dear Community,


      5. Using NTLM authentication.


      Okay, now the server-side:

      Right click on RPC (IIS, Default-Web-Site), Directory security is set up for using 128bit and SSL connections and no anonymous is allowed but Basic authentication.

      ISA 2004 has a rule to allow rpc from external to local host.


      Is there anything else, I should set up?! Can You tell me what information I should provide, because I don't see really the point why it does not work.


      Thanks in advance,



      Frank
      Set it up using basic.
      Remote users when on the LAN will just have to enter in a password all the time unless you want to deal with profiles.

      Comment


      • #4
        Re: RPC http(s)

        I don't really get what you mean:

        - I have set up a self-made certificate

        It is set up as with basic authentication.

        It is synchronising through vpn and/or lan, but not through a normal internet connection.


        What to do now people?

        Thanks in advance,


        Frank

        Comment


        • #5
          Re: RPC http(s)

          Oh I almost forget to tell:

          I set up as for using basic auth (both server, both client side), still not finding the server only if I connect through the vpn.


          So what to do now?!

          Comment


          • #6
            Re: RPC http(s)

            you did add a dns record?
            If on the internet your cert name does not resolve it will not work.



            just to test with one mod your hosts file

            x.x.x.x OWA.domain.com

            the owa.domain.com must match your cert.
            there also must be a tab between the IP and you FQDN

            Now test to see if it works if it does then when done dont forget to remove the entry( I got burned by that) and call your ISP to add a DNS record.

            Comment


            • #7
              Re: RPC http(s)

              Hi!


              Thanks for the reply, but:

              - I'm using spamfilters, so I would been for a long time on a spamlist, if I wouldn't have a reverse DNS record.

              if I ping my "mail.mydomain.hu", it is of course - resolved, and if I use ssh from the server to connect to a linux box, it gives me back the name "mail.mydomain.hu".

              I do have correct dns records and reverse DNS records set up.

              Anyway, even the computer resolved the "mail.mydomain.hu" address...

              anyway, I did add the hosts entry.

              Sorry, the Outlook does not find the Exchange server.

              Only through vpn or lan, not through any type of internet (laptop's internet-connection is without any obstacles, like router firewall or else)


              So what to do now?

              Comment

              Working...
              X