Error Publishing Exchange 2010 SP1 OWA through ISA 2006 SP2

Status
Not open for further replies.
M

msrathore

Hi team, here am i again with one new problem.

I have Exchange 2010 Sp1 installed with 2 HUB/CAS servers(CAS Array) & 2 mailbox servers in DAG.I am pubishing OWA using ISA 2006 SP2. while accessing owa from internet I am getting

error code :500 internal server error. the target principle name incorrect

searched for the error and found that it may be error of DNS resolution for the internal URL or Name mismatch on Certificate and internal URL. I have same internal and external URL and i can access the url on my ISA server without certificate prompt. i am using public certificate.Also the internal URL is resolvable from ISA server.

Please help
 
B

Busbar [MVP]

which certificate is chosen in the ISA in the listener configuration and which certificate is configured on IIS on the Exchange serverRegards, Mahmoud Magdy Watch Arabic Level 300 Videos about Exchange 2010 here: http://vimeo.com/user3271816 Read pretty advanced Exchange stuff I post here: http://www.enowconsulting.com/ese/blog.asp, follow my blog: http://autodiscover.wordpress.com , corp blog: http://ingazat.wordpress.com, Follow me on twitter http://www.twitter.com/_busbar and if you Liked my post please mark it as helpful and accept it as an answer
 
M

msrathore

thanks Busbar for the reply :)

I am using public certificate with CN webmail.mydomain.in on both the Exchange 2010 CAS and ISA 2006(Imported from CAS). Same is choosen in web listner also. Also in publishing rule i have webmail.mydomain.in and internal and external URLs

thanks
 
A

alfa21

Make sure in the publishing rule in ISA, in the Tab TO, Computer Name or IP address, type webmail.domain.com, and be able to ping from ISA. Also in the Public Name Tab, you should have webmail.domain.com.

alfa21
 
B

Busbar [MVP]

something is not correct in certificate, please double check it.

also make sure the webmail.domain.com pings to the exchange internal IP on the ISA

Regards, Mahmoud Magdy Watch Arabic Level 300 Videos about Exchange 2010 here: http://vimeo.com/user3271816 Read pretty advanced Exchange stuff I post here: http://www.enowconsulting.com/ese/blog.asp, follow my blog: http://autodiscover.wordpress.com , corp blog: http://ingazat.wordpress.com, Follow me on twitter http://www.twitter.com/_busbar and if you Liked my post please mark it as helpful and accept it as an answer
 
M

msrathore

well busbar,

I hve checked the certificate again. Its a SAN certificate with three domain names . The subject names are in this order:

autodiscover.mydomain.in

legacy.mydomain.in

webmail.mydomain.in

now does this order make any difference?? I can ping webmail.domain.com from ISA to the Exchange Internal IP(CAS NLB IP)

Thanks
 
B

Busbar [MVP]

it should cause a problem with older version but not with SP2...are you sure that SP2 is appliedRegards, Mahmoud Magdy Watch Arabic Level 300 Videos about Exchange 2010 here: http://vimeo.com/user3271816 Read pretty advanced Exchange stuff I post here: http://www.enowconsulting.com/ese/blog.asp, follow my blog: http://autodiscover.wordpress.com , corp blog: http://ingazat.wordpress.com, Follow me on twitter http://www.twitter.com/_busbar and if you Liked my post please mark it as helpful and accept it as an answer
 
M

msrathore

ISA is ISA 2006 SP1 there is no SP2 available for ISA 2006 I have checked on internet
 
A

alfa21

I would change names in the cert so the first name to be webmail.domain.com, just to test, since it'll take you only few minutes to do it, and it won't harm anything.alfa21
 
M

msrathore

Wel the Cert on ISA is imported from the CAS server only. and have the same common name & SAN as i mentioned ablove
 
B

Busbar [MVP]

in the to field in the publishing rule you must use the same name of the common name of the certificate.Regards, Mahmoud Magdy Watch Arabic Level 300 Videos about Exchange 2010 here: http://vimeo.com/user3271816 Read pretty advanced Exchange stuff I post here: http://www.enowconsulting.com/ese/blog.asp, follow my blog: http://autodiscover.wordpress.com , corp blog: http://ingazat.wordpress.com, Follow me on twitter http://www.twitter.com/_busbar and if you Liked my post please mark it as helpful and accept it as an answer
 
M

msrathore

well,

that was my error, ISA 2006 SP1 was not applied. after applying SP1 there was no problem
 
Status
Not open for further replies.
Top