• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

RE: Discussion of Configuring Outlook 2003 RPC over HTTP client article

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 General] >> Web Publishing >> RE: Discussion of Configuring Outlook 2003 RPC over HTTP client article Page: <<   < prev  1 2 3 4 [5]
Login
Message << Older Topic   Newer Topic >>
RE: Discussion of Configuring Outlook 2003 RPC over HTT... - 22.Jul.2006 1:47:29 PM   
shenainayan

 

Posts: 2
Joined: 15.Jun.2006
Status: offline
I have configured RPC over HTTPS according to the following article http://support.microsoft.com/?id=833401 Ė but my main problem is that it works from inside the company but not from the outside. My setup is like this. I have two domain names one called https://mail.outside.com (this is being used for outside access) (this also has a valid certificate optained from Thawte) and I use an internal name called serverhostname.inside.com. Certificate Issued by me from Thawte is on name https://mail.outside.net/exchange, I have also tried by issuing certificate with https://mail.outside.net, but my problem does not get reduced.Exchange server has IP 192.x.x.AAA which is connected to my ISA server that has Public IP. ISA Server 2004 is located between Exchange server 2003 and Internet, so that my exchange server is back end server (no front end in my scenario). If i ping to mail.outside.com , it resolves correctly to my Public IP of my ISA Server 2004 from outside.If I use https://servername.inside.com - then I am able to make the Connection from the inside through RPC over HTTPS and if i use the real name from the Outside https://mail.outside.com, then also i am able to do the connection by giving my username and password. I am also able to get to the website https://mail.outside.com/rpc/proxy.dll by getting a blank page when I am connected to outsideEverything else on the server works, I can use the OWA from outside through https://mail.outside.com/exchange.I have also configured my ISA server to disable ďCompression filterĒ, after doing so I am able to get all test correct from inside as well as outside. I configured the valid ports to look at my internal name servername.inside.com. I type following command on Exchange Server  which is mine back end server c:/>rpccfg /hd  server Name                           Port    Settings mail.zzz.com                     6001-6002  6004 servername                        6001-6002  6004     servername.xxx.com           6001-6002  6004 I configured the RPC folder to use Basic auth, and to use SSL                                                                             ::::::ACTUAL PROBLEM::::::when i configure my outlook , it does not resolves my name correctly to servername.inside.com and it gives me.                                 ďThe Action Could not completed. The connection to Microsoft exchange server is unavailableĒ  Do you have an idea what the problem is, if you need more info let me know.Thank you

(in reply to tshinder)
Post #: 81
RE: Discussion of Configuring Outlook 2003 RPC over HTT... - 30.Jul.2006 7:20:34 AM   
Mostafa

 

Posts: 7
Joined: 19.Dec.2005
Status: offline
I configure RPC over http to my front end. And itís working from the inside network can see from Outlook /rpcdiag that connection is made by https. But from the external I canít login  using the same pc. Iím using cisco pix fro internet firewall and ISA 2004 .
Cisco pix is allowing port 80, 443, 25,135 and I publish exchange RPC in ISA using mail wizard.. but itís not working . from the inside I canít ping my rpc proxy using rpc ping command
rpcping -t ncacn_http -s "back-mail" -o RpcProxy="front-mail" -P "user, domain, password" -I "user, domain ,password" -H 2 -u 10 -a connect -F 3 -v 3 -E -R none
 Itís Failed with error 401 client is not authorized to ping RPC proxy.
Please help Iím complete lost

(in reply to tshinder)
Post #: 82
RE: Discussion of Configuring Outlook 2003 RPC over HTT... - 8.Aug.2006 4:38:59 PM   
Themlruts

 

Posts: 1
Joined: 8.Aug.2006
Status: offline
Just wanted to first start off and say hi to all of you.  I am new to the site.  I am not sure if I am in the right place for this but i will try anyways.  I am running a MS SBS2003 server at my home with a standard linksys router.  My internet is cable and they do block port 80.  I am running exchange server on my sbs server.  I was able to change the port that the webmail works on so I could get to it. The sbs server is domain server MRUOTOLO.local  Now what i am trying to do is set up RPC over http.   I dont have a static at my house so i am using a dns fowarder no-ip.com.  I cant seem to get rpc over http to work.  i have setup everyhing in outlook and just used mruotolo.myvnc.com which is the dns forwarder.  But it prompts me for my password and i put it in but the server does not connect.  Well i am thinking that the man problem is becuae the sever is just a .local and its not out on the web.  If this is the case can or should i get a valid domain for it so i can put it out on the web.  I do own mruotolo.com.  No i know its a lot but i am new to the server situation trying to learn doing the hands on atempt.  Well any help would be apreciated.
Thanks
Mike

(in reply to tshinder)
Post #: 83
RE: Discussion of Configuring Outlook 2003 RPC over HTT... - 31.May2007 9:16:25 PM   
awurthmann

 

Posts: 3
Joined: 31.May2007
Status: offline
Also posted to: http://forums.isaserver.org/m_2002023851/mpage_2/key_/tm.htm#2002045787

I just spent all day on the phone with MS over this one. Here is what I found out starting with what my problem was.

Environment:
ISA Server 2006, tri-homed (WAN,DMZ,LAN)
Exchange 2003 Frontend server in DMZ (single homed)
Exchange 2003 Backend server on LAN (single homed)

Solution:
In addition to the usual set of firewall rules for the Frontend to talk to the Backend and the DCs and the GCs there are three additional ports for RPC over HTTP aka RPC Proxy. TCP Ports 6001,6002,6004. You can verify this in the registry on the Frontend server (assuming that your Frontend server can talk to the Backend already and that Exchange System Attendant is running)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy\ValidPorts

Create custom protocal(s) for 6001-6002, 6004 or 6001-6004 if you are lazy like me and allow them from the Frontend to the Backend.


Other things I learned.
1) Error 64 when connecting through the ISA box to https://mail.company.com/rpc/rpcproxy.dll via a web browser is NORMAL and is the CORRECT behavior. What error 64 means in this regard is that the wrong client agent was used to access the url. In this case a web browser was used instead of Outlook/MSPRC.

2) ISA Server 2006 is not currently (May 31, 2007) fully compatible with Windows Server 2003 SP2. You need to make the following registry changes and reboot. (please go verify this somewhere, I am going off of what MS told me)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"EnableTCPA"=dword:00000000
"EnableRSS"=dword:00000000
"EnableTCPChimney"=dword:00000000
**and perhaps: "EnableSecurityFilters"=dword:00000000

3) To restart IIS from and command prompt even faster type: iisrest

4) The ISA Best Practices Tool has the Debug tools in it that MS will need to assist you so be sure to keep your Best Practices Tool up to date

5) When using "outlook.exe /rpcdiag" HTTPS means RPC over HTTP and TCP/IP means straight RPC.

6) To troubleshoot RPC over HTTP you may have to disable Outlook's ability to revert back to using straight RPC.
[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\RPC]
"DisableRpcTcpFallback"=dword:00000001

7) ISA Server 2006 has all kinds of nefty monitoring filters, don't be afraid to add columns so that you can see more and create filters that filter applied rules. For example, a filter like Rule Equals "Inbound Exchange Services" can come in hand when troubleshooting.

8) The latest (April 2007) hotfixes for ISA Server 2006 can be found here: http://support.microsoft.com/default.aspx?scid=kb;EN-US;935882 There are some changes to some of the involved components for RPC over HTTP.
 
9) A lot of people have seen this problem, Iím not sure if ďmyĒ fix will help everyone but I am going to do my best to post it everywhere I looked that didnít have the solution posted.


_____________________________

-Aaron Wurthmann

(in reply to shenainayan)
Post #: 84
RE: Discussion of Configuring Outlook 2003 RPC over HTT... - 3.Dec.2007 12:37:48 PM   
kevmeister

 

Posts: 1
Joined: 3.Dec.2007
Status: offline
I have a question. I'm not "uber" technical, but have managed to get it all working. And can connect to our exchange over our 3G cards (great)

My problem is when the user comes back into the office, they plug in a Lan cable instead of going over their 3G card, in which case it doesn't connect to the exchange server. and so have to go into the settings and untick the tick box "connect using http" but as the users would find this too technical and time consuming, for now i have simply created 2 seperate profiles (in office) and (away from office) configured differently, one to use rdp over http, and one not to.

The only trouble is at the end of a work day there could be a lot of changes that would then need to be sync'd over the 3G card.

Ideally, i'd like one profile that i can change the way it connects by the click of a button. Is there a way to enable/disable the "Connect over HTTP" tickbox by the click of a button without going into the settings?

Many thanks

Kevin

(in reply to awurthmann)
Post #: 85
RE: Discussion of Configuring Outlook 2003 RPC over HTT... - 5.Dec.2007 7:35:55 AM   
AHIT

 

Posts: 1561
Joined: 22.Jul.2002
From: Sydney, Australia
Status: offline
I haven't read the entire thread so I may be barking up completely teh wrong tree here... but..
Could this be done with a .reg file you double-click to alternate between your settings?
ie: Set one way, export appropriate keys, chance to alternate and export
Then you have 2 files to choose between...

Just throwing it out there!


_____________________________

http://www.ahit.com.au/isa
(Previous nick: Tolk)

(in reply to kevmeister)
Post #: 86
RE: Discussion of Configuring Outlook 2003 RPC over HTT... - 22.Mar.2008 10:26:49 AM   
HeLy

 

Posts: 2
Joined: 22.Mar.2008
Status: offline
Hi friends, I am standing as we say in German "luike the donkey at the mountain". I have done Outlook RPC over HTTP a few times on different clients, everything works. Now I go a new machine at home, where my wife and me are working with. My wifes account works, mine not, always telling "disconnected". On my old PC at home it worked!!! I have done exactly as it should, establishing VPN, puting all the parameters in the windows, OL 2003 works fine on VPN. Once VPN is disonnected, it asks for user name (which is already preset in form domain/user) and my password. But it never connects. No other RPC over HTTP connection is active!

OL2003 SP3 with ISA2004

Any ideas?

Greetings from Prague!

Heinz

(in reply to tshinder)
Post #: 87
RE: Discussion of Configuring Outlook 2003 RPC over HTT... - 24.Mar.2008 11:49:58 PM   
AHIT

 

Posts: 1561
Joined: 22.Jul.2002
From: Sydney, Australia
Status: offline
desktop based firewall denying the RPC??

_____________________________

http://www.ahit.com.au/isa
(Previous nick: Tolk)

(in reply to HeLy)
Post #: 88
RE: Discussion of Configuring Outlook 2003 RPC over HTT... - 25.Mar.2008 2:56:55 AM   
HeLy

 

Posts: 2
Joined: 22.Mar.2008
Status: offline
Firewall cannot be the issue. Web works, the protocol is the same and the ports 80 and 473 are open. OWA works too! I am not an ISA expert, but I saw in the log of the ISA2004 something like he is refusing the connection, because "too many attempts within one second". Does it make sense for you experts?

Regs

Heinz

(in reply to AHIT)
Post #: 89
Which TCP port needs to be open for Outlook RPC over HTTP? - 8.Aug.2009 11:05:42 AM   
jnsunkersett

 

Posts: 2
Joined: 17.May2006
Status: offline
Hi,

Your article was very informative.
I could successfully setup my outlook client, to connect to my company exchange, from HOME.

However, in another scenarion I cannot.
@ work, from my desktop, I establish a VPN connection using Juniper to my client network (so logically/ network-wise I am dis-connected from my company network)
But in that scenario I cannot establish a RPC over HTTP to the same exchange server (to which I can, from home)....I suspect some firewall port is blocked.

Which port could it be?
and in what direction 'exchange-server' to 'my-desktop' or the opposite?

I tried the "outlook /rpcdiag" command but that did not reveal any port number; except indicating status to the effect ....'attempting connection' followed by 'disconnected'

PS: However;
With VPN established, internet browsing remains open and I can access Outlook-Web-access (and I supply the same owa url in exchange proxy settings, of my outlook client)

~g1

(in reply to tshinder)
Post #: 90

Page:   <<   < prev  1 2 3 4 [5] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 General] >> Web Publishing >> RE: Discussion of Configuring Outlook 2003 RPC over HTTP client article Page: <<   < prev  1 2 3 4 [5]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts