RPC logon problem

RPC logon problem (Full Version)

All Forums >> [ISA 2006 Publishing] >> Exchange Publishing

Message

JohnnyLehnemann -> RPC logon problem (24.Jun.2007 4:56:39 PM)
Hi, I have setup RPC with Exchange 2003 and ISA 2006 following one of the guides from this page. When I test it using a webbrowser to https://mailserver/exchange it works great, and I can see in the ISA log that the connection is running. But when I try to connect using Outlook, I get a login box, and after a while the connection fails. When I look in the ISA log I also see a failed connection entry. Does anyone know what could be causing this issue? Thanks

tshinder -> RE: RPC logon problem (25.Jun.2007 1:10:37 PM)
Are you publishing RPC/HTTP or Secure Exchange RPC? Tom

JohnnyLehnemann -> RE: RPC logon problem (26.Jun.2007 2:30:57 AM)
The firewall published rule is an Exchange Web Client Access publishing rule and I have chosen Outlook RPC/HTTP(s) as the type. As I said in my first post, when I log on using the web interface on https://mailserver/exchange it works fine and I get my Outlook Web Access, but when I open Outlook from a client not logged on to the company network and try to start the RPC/HTTPS connection, I get the login prompt, and after a while i get a message saying that the exchange server must be online to connect. Also when I look in the ISA logs I can see that I first get a initiated connection and immidiately after that I get a failed connection attempt. I dont know if this info helps?

tshinder -> RE: RPC logon problem (26.Jun.2007 9:15:59 AM)
Did you create a rule publishing RPC/HTTP? What guidance did you use to set it up, since there are many moving parts to a successful RPC/HTTP solution. Tom

JohnnyLehnemann -> RE: RPC logon problem (26.Jun.2007 9:25:35 AM)
Hi, I am using the guide from this site called "ISA Firewall Publishing OWA and RPC/HTTP with a Simgle IP Address"

tshinder -> RE: RPC logon problem (27.Jun.2007 12:34:18 PM)
OK, good. Check my blog post today about troubleshooting RPC/HTTP and see if that helps. HTH, Tom

Jeroen_317 -> RE: RPC logon problem (28.Jun.2007 10:03:51 AM)
Hi, our you using Outlook 2003 or Outlook 2007? Regards, J.

JohnnyLehnemann -> RE: RPC logon problem (29.Jun.2007 2:37:14 AM)
Hi, I have tried going through the troubleshooting guide, but I cant seem to find any errors, I have also tried starting from scratch following the guide again, but still no luck. I dont know if my server setup makes any difference. My RPC/HTTP Exchange server is installed on a server that is also one of two domain controllers in my domain. There are also wo Exchange servers in the domain. The ISA server is a 2006, and the Ootlook clients are both 2003 and 2007.

JohnnyLehnemann -> RE: RPC logon problem (29.Jun.2007 7:43:05 AM)
New update! I have just tested the setup with a Outlook 2003 on the internal network, and it seems to work fine. I have arranged an external test on Outlook 2003 later today, maybe there are some issues with Outlook 2007?

tshinder -> RE: RPC logon problem (29.Jun.2007 10:00:49 AM)
Let us know how it works out for you! Tom

JohnnyLehnemann -> RE: RPC logon problem (2.Jul.2007 5:33:30 AM)
Just an update: This weekend I have tried to work with Outlook 2003 to see if this makes any difference. So far, when I open Outlook, I get the login prompt where I enter domain\username and password. But when I click enter, the login box just comes back again over and over, and in the ISA log, there are no entries of either failure or success. I have tried using RPCPing to troubleshoot, and I enter the following string: rpcping.exe -t ncacn_http -s InternalFQDN -o RpcProxy=ExternalFQDN -P "username,domainname," -I "username,domainname," -H 1 -u 10 -a connect -F 3 -v 3 -E -R none And the result from this is: RPCPinging proxy server ExternalFQDN with Echo Request Packet Sending ping to server Response from server received: 200 Pinging successfully completed in 250 ms So it seems that RPC is setup correctly, but I still cant get a connection when using Outlook 2003/2007 [:(]

Jeroen_317 -> RE: RPC logon problem (3.Jul.2007 3:07:24 AM)
Are you certain your certificates are okay? Have you imported the CA certificate to your local computer running Outlook? That's necessary if you haven't bought "official" certificates.

tshinder -> RE: RPC logon problem (3.Jul.2007 1:12:29 PM)
Yes, the CA certificate must be installed on the client -- that's one of the most common reasons for the connection to fail. Make sure that you're using basic delegation Make sure that you're entering the correct name for the proxy on the client side -- this is the name on the certificate bound to the Web listener. HTH, Tom

JohnnyLehnemann -> RE: RPC logon problem (4.Jul.2007 5:05:06 AM)
I have bought an official certificate, but I have tried installing this on the client as well with no result. I am using basic delegation. The certificate is bound to the address owa.companyname.dk and this is also the name I use in Outlook.

tshinder -> RE: RPC logon problem (4.Jul.2007 11:50:23 AM)
Not the Web server certificate, the CA certificate. Tom

JohnnyLehnemann -> RE: RPC logon problem (5.Jul.2007 6:04:59 AM)
Is there something I'm missing? I bought an official certificate from www.instantSSL.com , I chose an Essential SSL certificate and I set the common name in this to the external DNS/FQDN name of my mailserver owa.companyname.dk, have I bought the wrong certificate or have I configured it incorrectly? Remember that when I call https://owa.companyname.dk/exchange, it works fine, and I can see that the certificate is loaded as well. With this approach I can also see a log entry in the ISA logs where the connection is allowed, open and closed accordingly.

tshinder -> RE: RPC logon problem (6.Jul.2007 2:47:42 PM)
Is the instantSSL root CA certificate installed on the client? Tom

Page: [1]