Exchange 2010 RPC over HTTPS, Outlook keeps trying port 135

Status
Not open for further replies.
nick kouk

Hello Exchange Experts.

I have an Exchange 2010 server running on Windows 2008 R2 64-bit, and I can access OWA from everywhere, intranet and internet.

So we have the following names:

Internal domain: company.local

Internal exchange name: msrvr.company.local

External Exchange domain: mail.company.com

I have no problem accessing OWA from everywhere; I just need to install my certificate first because I use my own CA.

I can access POP3 and IMAPS with Thunderbird, for example, from everywhere.

Now I have configured Outlook Anywhere with NTLM authentication to be able to access Exchange through Outlook with RPC over HTTPS.

From the internal network I can use the Exchange option in Outlook and it works fine.

When I try from the internet I can't. At the add new e-mail account window, when I press the Check Name button, I get

"The connection to Microsoft Exchange is unavailable. Outlook must be online or connect to complete this action"

and when I press OK

a smaller window appears with the title Microsoft Exchange, and when I press the Check Name button again I get the following:

"The name cannot be resolved. The connections to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action"

If I run netstat at the moment I press the Check Name button, I can see that Outlook is trying to connect to mail.company.com on port 135, and after a while I get the messages.

According to netstat there is no request to port 443.

Any ideas?

Thanks in advance.
 
Ed Crowley [MVP]

You have to configure Outlook to use Outlook Anywhere for it to use port 443. If you have Autodiscover properly configured, Outlook should figure out the settings automatically.

Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
 
Ed Crowley [MVP]

It is my experience that Outlook will always try port 135 to see if you are connected to the internal network. It's a desirable thing, really. You want your laptop users to use TCP internally and Outlook Anywhere (HTTPS) externally, and for Outlook to figure out the appropriate one to use. So the fact that your client is testing port 135 is not an indication that something is wrong. What apparently is wrong is that your Outlook Anywhere isn't configured properly, or Outlook itself isn't configured properly.

You might consider trying the Microsoft Exchange Remote Connectivity Analyzer:

https://testexchangeconnectivity.com

Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
 
nick kouk

Ed, I tried to test it with https://testexchangeconnectivity.com, but I use my own CA as I said before, so my CA is untrusted for https://testexchangeconnectivity.com.

Any other ideas on how to find out what's wrong?

Also, I don't care if it tries port 135; my problem is that it doesn't try anything on 443.

I forgot to mention that I have tried Outlook with /rpcdiag, and I can see every time I press the "Check Name" button that it tries to request the internal FQDN of my Exchange server, msrvr.company.local.

Where does Outlook find that domain?
 
Ed Crowley [MVP]

How do you have RPC-over-HTTPS (Outlook Anywhere) configured?

Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
 
nick kouk

Yes, with Outlook Anywhere and with the mail.company.com domain....
 
Dave Stork

Which version of Outlook do you use? And which OS?

Do you use Autodiscover and is your certificate trusted by the client computer? Especially Outlook 2010 is picky in that regard.

Have you set the correct common name of the certificate with Set-OutlookProvider? Something like:
Set-OutlookProvider EXPR -CertPrincipalName msstd:mail.company.com

Technical Specialist / Infrastructure Architect @ www.OGD.nl - MCSE 2003 Messaging - MCITP Enterprise Messaging Administrator 2007 & 2010
 
Brian Day MCITP

Are you using the same FQDN for your internal client access array (MAPI/RPC access) and your external access point (OWA, OLA, EAS, EWS, etc...)? The client access array name should never be resolvable via DNS externally.

Microsoft Premier Field Engineer, Exchange
MCSA 2000/2003, CCNA
MCITP: Enterprise Messaging Administrator 2010
Former Microsoft MVP, Exchange Server
My posts are provided "AS IS" with no guarantees, no warranties, and they confer no rights.
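
The server-side settings that Dave Stork and Brian Day ask about above can be read in one pass. The following is an added example, not code from any poster in this thread; it assumes the Exchange Management Shell on the Exchange 2010 server and the external name mail.company.com given in the thread, and the $findings list and its messages are illustrative.

```powershell
# Added example: read-only checks for the Exchange Management Shell on Exchange 2010.
# Written for PowerShell 2.0 (no Resolve-DnsName, no [pscustomobject]).
$ExternalName = 'mail.company.com'   # external name as given in the thread
$findings = @()

# 1. Outlook Anywhere must be enabled and publish the external host name.
$oaList = @(Get-OutlookAnywhere)
if ($oaList.Count -eq 0) {
    $findings += 'Outlook Anywhere is not enabled on any Client Access server.'
}
foreach ($oa in $oaList) {
    "{0}: ExternalHostname={1} ClientAuth={2}" -f $oa.Server, $oa.ExternalHostname, $oa.ClientAuthenticationMethod
    if ("$($oa.ExternalHostname)" -ne $ExternalName) {
        $findings += "ExternalHostname on $($oa.Server) is '$($oa.ExternalHostname)', not '$ExternalName'."
    }
}

# 2. EXPR provider: the certificate principal name handed to Outlook by Autodiscover.
$expr = Get-OutlookProvider -Identity EXPR
$suggested = "msstd:$ExternalName"   # value suggested in the thread
if ("$($expr.CertPrincipalName)" -ne $suggested) {
    $findings += "EXPR CertPrincipalName is '$($expr.CertPrincipalName)'; the thread suggests '$suggested'."
}

# 3. The internal RPC endpoint (client access array / RpcClientAccessServer)
#    must not share its FQDN with the external access point.
$rpcNames = @(Get-ClientAccessArray | ForEach-Object { "$($_.Fqdn)" })
$rpcNames += @(Get-MailboxDatabase | ForEach-Object { "$($_.RpcClientAccessServer)" })
foreach ($name in ($rpcNames | Where-Object { $_ } | Sort-Object -Unique)) {
    "RPC endpoint: $name"
    if ($name -eq $ExternalName) {
        $findings += "RPC endpoint '$name' is the same FQDN as the external name."
    }
}

# 4. The certificate bound to IIS must list the external name (exact match only;
#    wildcard entries are not expanded). Clients must also trust the issuing CA.
$iisCerts = @(Get-ExchangeCertificate | Where-Object { "$($_.Services)" -match 'IIS' })
foreach ($cert in $iisCerts) {
    $domains = @($cert.CertificateDomains | ForEach-Object { "$_" })
    if ($domains -notcontains $ExternalName) {
        $findings += "IIS certificate $($cert.Thumbprint) does not list '$ExternalName'."
    }
}

if ($findings.Count -eq 0) { 'No mismatches found.' } else { $findings }
```

Whether the client access array name resolves externally has to be checked from a machine outside the network (for example with nslookup), because the server itself uses internal DNS.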
 