1) Server(s) are behind a router that lets you share an IP address
2) Client (laptop) is on public internet side of router
3) Configure router to route port 443 (HTTPS) to Exchange server. (For sake
of clarity of this example, I'm pretending that I have a single exchange
server that is doing it all.) No other ports need to be opened to the
servers.
4) Review
http://support.microsoft.com/default.aspx? scid=kb;en-us;833401
Step #1 is done to Exchange server
Step #2 is done to Global Catalog server(s) that Exchange uses
5) Assuming that you are using a private (self-issued) certificate, make
sure that the laptop has a copy of the approving root CA installed. (Outlook
will throw no errors if it can't trace the certificate back up the chain and
just fail the connection over to a standard TCP/IP connection [which is port
135 by the way].)
Step #5 should be thought of this way, if you attach the certificate to a
website, type
https://fqdn.myserver.ext in your browser, and get any type of
dialog about the certificate not being trusted, doesn't match what was typed
in for an address, .etc, the RPC/HTTPs connection will fail everytime.
(Took me a while to figure this one out because no dialogs are ever
displayed that something is wrong.)
Thanks for the help Neo, RPCDIAG shows the server name
and type directory and referal and under the Conn heading
for both "---" with status "connecting". A netstat shows
me trying to connect to the server's IP on port 135 with
SYN_SENT. The firewall is just a D-Link router for the
time being to simplify things. I have ports 6001 and 6004
open to the server. The only way I can connect to it via
outlook is if I open port 135 to the server. I've
configured the server to issue a certificate to both the
FQDN and the public DNS name of the server with the same
results.
using RPCPING (rpcping.exe -t ncacn_http -s
ExchangeServerName -o RpcProxy=ProxyServerName -
P "user,domain,*" -H 1 -u 10 -a connect -F 3 -E -R none)
simply produces "ping failed" with no other information.
technique
is to open port 135 of
ideas. Can anyone
.