Koozali.org: home of the SME Server
Obsolete Releases => SME Server 8.x => Topic started by: steve288 on June 16, 2013, 04:10:21 PM
-
We have Exchange 2003. In the past the Outlook Web Access (OWA) didnt work. For people to pick up their email we set up a VPN connection through the SME 7.6 . so their phones could pick up their email via vpn.
Recently we got OWA to work. When the OWA started working I think the users who in the past used their phones to grab their mail stopped working. Part of the process to get the OWA working was to use ProxyPass to get through the back door to the exchange server inside the network. The code we used I have posted below but it is the same code found Here: http://wiki.contribs.org/SME_Server:Documentation:ProxyPassis
I provide it just to be thorough below. It works great. BTW. a.b.c.d. is to be replaced with my internal IP address.
Now of course when people go to https://myserver.com/exchange they can get to their outlook mail that is behind the SME server. But again the problem is that phone users now cannot pick up their email via their mail apps.
I'm wondering if some how setting up proxypass has messed/changed with the way the mail is picked up so that the phone's cannot pick up their email. I just don't now. I do believe that the the vpn connection is making a connection to the sme comptuer. So the VPN is working. I verify this by creating a vpn connection on a phone with the same pw etc that the phone users use then browsing with Safari on the phone to the sme server via its internal IP eg http://10.1.0.1/server-manager. This works which means that the vpn is making a connection to the linux computer and connecting up.
To conclude:
Can anyone provide any feedback on this. Why after I got OWA working (with Proxy Pass) did my vpn/email pickup stop working. (and of course how to fix so both work)
I recognize that some may say well this is an exchange question, and Im asking there too but Im hoping that becasue SME is in the process someone here might have had this problem also or be able to provide some insights.
Thanks.
-----------------------------------
mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
echo '# ProxyPass Support for Internal Exchange Server
ProxyPreserveHost On
#OWA % character in email subject fix
RewriteEngine On
RewriteMap percentsubject int:escape
RewriteCond $1 ^/exchange/.*\%.*$
RewriteRule (/exchange/.*) ${percentsubject:$1} [P]
#OWA
ProxyPass /exchange https://a.b.c.d/exchange
ProxyPassReverse /exchange https://a.b.c.d/exchange
ProxyPass /Exchange https://a.b.c.d/exchange
ProxyPassReverse /Exchange https://a.b.c.d/exchange
ProxyPass /exchweb https://a.b.c.d/exchweb
ProxyPassReverse /exchweb https://a.b.c.d/exchweb
ProxyPass /public https://a.b.c.d/public
ProxyPassReverse /public https://a.b.c.d/public
ProxyPass /iisadmpwd https://a.b.c.d/iisadmpwd
ProxyPassReverse /iisadmpwd https://a.b.c.d/iisadmpwd
#OMA
ProxyPass /oma https://a.b.c.d/oma
ProxyPassReverse /oma https://a.b.c.d/oma
#ActiveSync (for WM5+ devices)
ProxyPass /Microsoft-Server-ActiveSync https://a.b.c.d/Microsoft-Server-ActiveSync
ProxyPassReverse /Microsoft-Server-ActiveSync https://a.b.c.d/Microsoft-Server-ActiveSync
#Force 'RequestHeader' in order to get IE to work
# End of Exchange settings
' > 91ProxyPassOWA
expand-template /etc/httpd/conf/httpd.conf
sv restart httpd-e-smith
-----------------------------------------------------------
-
steve288
Use the delegate mail feature
http://wiki.contribs.org/SME_Server:Documentation:FAQ:Section04#Deliver_ALL_email_to_a_single_internal_mail_server
Search back a few years for posts by Gordon Rowell re how Exchange & SME server work well together
-
Thank you for your response.
Actually I failed to mention in my op that the system is currently set for Delegation. It has been that way for many years. We use the Spam filtering email WBL and Clam AV as a first line of defense for our Exchange email, it works well.
I will look up the item you pointed to but We do use delegation so I dont think that is the reason.
Regards
-
Here is my understanding of your situation:
- you successfully used VPNs to allow mobile users to send & receive email from the exchange server
- you enabled proxypass for owa, which allows remote users to access exchange webmail
- the mobile/VPN users have not been reconfigured, but they have stopped working
The proxypass stuff should not have had any impact on VPN & port-based access from your phones to the exchange server - so there must be something else causing problems.
Here are some questions whose answers might be helpful:
What are the email client settings you use on your mobile phones (is the Exchange server accessed by IP or by name? If by name, does the name match the name configured in the proxypass directives)?
Are you still using the VPN, or are you trying to setup mobile phones to work without the VPNs (I don't think you can configure Activesync with only webmail access to the exchange server - or it may be possible but there may be extra proxypass directives required)?
Did you change any of the port-forwarding settings on the server when you setup proxypass?
Is there anything interesting or useful in any of the log files (eg /var/log/iptables/current) on the SME server, or on the Exchange Server?
Is there a specific error message that you receive on the mobile devices?
This discussion may contain useful information:
http://forums.contribs.org/index.php?topic=40075.0
-
You are correct in your "Rogerian" councelling of what I have said. e.g. Yes you have good grasp of what I am experiencing.
Im using IP addresses in both the iphone of the local exchange server and the proxypath script that I used.
The testing that Im going to do now is to leave the VPN out. I have not had time to look at this much but it appers that I cant even pick up mail from beind the firewall, that is, in the past if I turned the VPN off but was wirelessly connected to the office I could pick up email I asked one of the phone users and they said they couldnt even do this now. I mean the VPN is doing exactly the same thing as the Wireless connection just, creating a network. So it appears as you have said maybe nothing has changed on the SME and it is completely not the problem.
No I didnt change any Portforwarding. I only did the script that was called for based on the SME help.
The error on the phone is The connection to the sever failed. But now IM getting he feeling that this error message is really a message from the Exchange not the vpn.
I have not read the link you gave me but I will. My conclusion now is that it may be the Exchange and something we did when we got OWA working. Im going to look there and see if something is off or something.
IM sorry but I dont quite understand your comment on Activesync.
Regards
-
If you now suspect the Exchange server there probably isn't anything for you to learn from reading more about SME Proxypass.
I only mentioned ActiveSync in case that's what you're using on the mobile devices (iPhone setup as "exchange server", for example) *and* you had attempted to reconfigure the phones to work through proxypass using "OWA". I have a (vague) sense that Microsoft claims you only need OWA access for activesync, but I have a sense that I could never get it working without both OWA access and port 25 and possibly also port 993.
My first post was "spaghetti advice" - I threw out everything I could think of; pay attention to whatever sticks for your situation and ignore the rest.
-
I understand the spaghetti advice. I accept that.
Im a little confused in what you say when you say
"I could never get it working without both OWA access and port 25 and possibly also port 993. " Should I choose another method to connect up to the mail server in iphone that the exchange wizard. Maybe do it manually?
Have you ever got your phone to work and also OWA?
BTW
I have an old Iphone that i use.
My mail that did work was basically as follows
email : my@domain.com
Server: 10.1.0.2 (internal IP)
Domain: domain.com
Username: freddya
Password: *****
Description: exchange
use ssl: off (Ihave tried off and on.)
I think I used the connect to exchange wizard on phone.