• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Error 500, Publishing OWA 2003 via ISA 2006

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> Error 500, Publishing OWA 2003 via ISA 2006 Page: [1]
Login
Message << Older Topic   Newer Topic >>
Error 500, Publishing OWA 2003 via ISA 2006 - 21.Aug.2007 3:25:00 AM   
baspeels

 

Posts: 3
Joined: 20.Aug.2007
Status: offline
I keep getting the following error trying to publish my OWA 2003 via SSL:
Error Code: 500 Internal Server Error. The target principal name is incorrect. (-2146893022) 
when trying to access https://mail.company.eu/exchange from an external client. I do receive the HTML sign in page but after signing in with: domain\user I receive the error. On the ISA monitoring I see a failed connection attempt from the external client to the Exchange server.

I know this has something to do with the certifcate I am using, but can't find out what.

I have a Exchange 2003 domain member server of the internal domain company.local
The name of the Exchange server is: SRV_EX01 with an DNS alias mail.company.local
Externally the mail server is known as mail.company.eu

I have a ISA 2006 domain member server which is SRV_ISA01 this server has 2 network cards one is defined Internal and the other External.

I setup a CA on the SRV_EX01 and created a certificate with CN=SRV_EX01
I imported the certificate on the ISA server and I can access the OWA client from the ISA server via: https://srv_ex01/exchange

After that I setup a publising rule for publishing the OWA website externally with a listener. I keep getting the error 500 mentioned above.

After that I created a certificate for CN=mail.company.eu and installed it on the ISA server and changed the listener to use the new certificate, but still the same error. I even tried the same action with CN=mail.company.local

I also had some IP resolving errors but changed some DNS settings to solve these as mentioned below.
I added a primary DNS zone for: company.eu in our internal dns and added the host mail to be sure the ISA server could reach the mail server internally on the external name. I changed the DNS settings on the external network card to use our internal DNS servers. And I a forwarder on our DNS server to be able to reach the Internet.

I hope somebody knows what to change because I tried so many things but can't get it to work.
Post #: 1
RE: Error 500, Publishing OWA 2003 via ISA 2006 - 23.Aug.2007 2:23:10 PM   
bluemax

 

Posts: 2
Joined: 22.Aug.2007
Status: offline
Hi baspeels.
 
I get the same error. Did you fixed the error.

 

(in reply to baspeels)
Post #: 2
RE: Error 500, Publishing OWA 2003 via ISA 2006 - 24.Aug.2007 12:52:58 PM   
Zabulon

 

Posts: 22
Joined: 23.Jan.2007
Status: offline
On the Rule Action page, select the Redirect the request to this internal Web server (name or IP address) option. In the text box under this option, type in the FQDN of the OWA Web site that is the same as the FQDN listed in the common name of the certificate and the name the external users use to access the site. This prevents you from getting sever error 500 messages and certificate mismatch problems. The key to making this redirect work is a split DNS infrastructure or a HOSTS file entry for the FQDN of the OWA Web site that resolves to the internal address of the OWA site. We’ll cover this issue more in the DNS discussion later in the article.

(in reply to bluemax)
Post #: 3
RE: Error 500, Publishing OWA 2003 via ISA 2006 - 31.Aug.2007 6:25:07 AM   
baspeels

 

Posts: 3
Joined: 20.Aug.2007
Status: offline
I tried to set this option, but on the Rule Access page I can only choose from Allow and Deny. The option to redirect to another page is only available when I choose Deny. I therefore set the option to Deny and filled in our external FQDN to reach the OWA site, but it didn't work. So I set back the original setting.

(in reply to Zabulon)
Post #: 4
RE: Error 500, Publishing OWA 2003 via ISA 2006 - 13.Sep.2007 4:41:14 AM   
baspeels

 

Posts: 3
Joined: 20.Aug.2007
Status: offline
I finally found a solution!!

In ISA manager in the OWA access rule in the tab To.
fill in the field: Computer name or IP address (required if the internal site name is defferent or not resovable):
mail.company.eu (the external FQDN)

This was probably the same item, Zabulon mentioned. But he directed me to the wrong tab.

I never expected that I had to use the external FQDN for internal name resolving.
But anyway.

(in reply to baspeels)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> Error 500, Publishing OWA 2003 via ISA 2006 Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts