Outlook MSRPC over HTTPS proxy does not connect even though RPCPing looks ok

Status
Not open for further replies.
Y

yogeshnagarkar

Hello,

I have RPCPing show successful connection to the exchange server over an https/ssl proxy

C:\Program Files\Microsoft Visual Studio 9.0\VC>rpcping -t ncacn_http -s exchangeserver.mydomain.net -o RpcProxy=ssl.mydomain.net -P " proxyusername,mydomain,password" -I " xchgusername,mydomain,mysecret" -H 1 -u 10 -a connect -F 3 -v 3 -E -B msstd:ssl.mydomain.net -R none
RPCPing v2.12. Copyright (C) Microsoft Corporation, 2002
OS Version is: 5.1, Service Pack 3

RPCPinging proxy server sslvpn.mydomain.net with Echo Request Packet
Sending ping to server
Response from server received: 200
Pinging successfully completed in 2422 ms

So comparing packet dumps from client when:

1. RPCPing->HttpsProxy->ExchangeServer

and

2. Outlook Client->HttpsProxy->Exchange server

On the rpc ping the tls handshake goes ok and I see appdata back and forth. Now on the outlook client, the handshake is terminated after the ChangeCipherSuite msg from the server.

Now rpc ping doc mentions that the -E option tests connectivity to the proxy only, so I ran another test https://ssl.mydomain.net/rpc/proxy .dll .In this case the proxy forwards the authorization request (401) from IAS/IIS to IE Browser and entering credentials results in a blank page. In this case too I can see RPC_IN_DATA and RPC_OUT_DATA being forwarded by the proxy so I am thinking the proxy is working at it should.

The outlook client is configured correctly (proxy settings and such). Any pointers on why the outlook 2007 client abruptly terminates the handshake or if there is something 'special' that needs to be done on the client, would be greatly appreciated.

Thank you,

Yogesh
 
S

Sembee [MVP]

Exchange version information would be useful here.

RPC over HTTPS/Outlook Anywhere on Exchange 2003 fails for one of three reasons = wrong registry settings, a problem with the SSL certificate or an authentication mismatch.

The first thing I would do is create a test account and run it through the Microsoft test site at http://exrca.com/ That would flat issues with the connection for you.

Simon.

Simon Butler, Exchange MVP
Blog | Exchange Resources
 
Status
Not open for further replies.
Top