I scheduled a downtime and I joined my isa server to the domain. I'm still having the same issue. OA still working inside the network(internal server name) but doesn't work outside (external site name)
Here are connections on my MBX server when I connect using internal server name :
TCP 192.168.170.221:6001 192.168.170.221:43677 ESTABLISHED TCP 192.168.170.221:6001 192.168.170.221:43678 ESTABLISHED TCP 192.168.170.221:6001 192.168.170.221:43680 ESTABLISHED TCP 192.168.170.221:6001 192.168.170.221:43681 ESTABLISHED TCP 192.168.170.221:6001 192.168.170.221:43682 ESTABLISHED TCP 192.168.170.221:6001 192.168.170.221:43683 ESTABLISHED TCP 192.168.170.221:6004 192.168.170.221:43673 ESTABLISHED TCP 192.168.170.221:6004 192.168.170.221:43675 ESTABLISHED TCP 192.168.170.221:6004 192.168.170.221:43685 ESTABLISHED TCP 192.168.170.221:6004 192.168.170.221:43687 ESTABLISHED TCP 192.168.170.221:6004 192.168.170.221:43689 ESTABLISHED TCP 192.168.170.221:6004 192.168.170.221:43691 ESTABLISHED TCP 192.168.170.221:6004 192.168.170.221:43692 ESTABLISHED TCP 192.168.170.221:6004 192.168.170.221:43693 ESTABLISHED TCP 192.168.170.221:6004 192.168.170.221:43694 ESTABLISHED TCP 192.168.170.221:6004 192.168.170.221:43695 ESTABLISHED
I noticed that my MBX server can't establish connection with himself (through the port 6004 and 6001 and just manage to connect to the port 6002) when I attempt to connect through the external site name :
TCP 192.168.170.221:6002 192.168.170.221:58869 ESTABLISHED
Yes I Checked all the points mentioned in the links above.
I have a linux firewall / proxy in front of the Isa server. The client connect to the linux Firewall through ssl. ISA connect to the Exchange server (MBX/CAS) through ssl.
I have created a new external site name (rpc.domain.com) This domain is directly linked to my mbx server (ProxyPass[Reverse]) In this configuration the connection is OK ! (except the certificate, but it's normal)
My external site name (exchange.domain.com with OWA and ActiveSync) is linked to the Isa server. In this configuration, I lost the connection when I try to connect to /rpc (error 64)
According to me, the Isa server drop the connection for an unknown reason.
I have some questions which could help me to fix this :
- I have 2 different certificates : - On Linux Firewall : Subject = exchange.domain.com - On Isa and MBX : Subject = exchange.domain.com Alt Subject Name = exchange.domain.local = autodiscover.domain.local = autodiscover.domain.com - Outlook Anywhere external site name = exchange.domain.com
I don't have any certificates problems (No warning, no outlook error ...) Can I eliminate the certificate issue ?
- Is the *.domain.com certificate supported by Isa 2006 and Exch 2007 ?
- My MBX/CAS server is not the DC Server. Should I modify something in my configuration (ports, local firewall) ?
- I can't modify the validports registry key, it rollback to default values each time I open the registry editor.