cancel
Showing results for 
Search instead for 
Did you mean: 

ISA 2006 + Exchange 2007 + EV SP4

alogic
Level 4
Hi Everyone,

We're using ISA 2006 SP1 + Exchange 2007 SP2 + EV 8.0 SP4
We're having an issue after installing each new service pack for EV, users who access OWA + EV externally do not see the Vault Icons and cannot perform any vault actions.
From my understanding, OWA RPC Extensions are installed on the CAS server and OWA will handle all the EV requests between the user and the EV server. Since we're using ISA, We have 2 rules in place,
1) EV web publishing rule which has the following settings:
To tab: Publish site: <external vault server's DNS address>
           Computername or IP:  <Internal vault FQDN server address>
Traffic tab: HTTP and HTTPS
Listener tab: Using Exchange web listener
PublicName tab: >owa.company.address> and <external vault server's DNS address>
Paths tab: External Path = <same as internal> Internal Path= /EnterpriseVault/*
Authentication delegation = Basic authentication (As the ISA server is not joined to the domain)

2) OWA web publishing rule which has the following settings:
Link transalation tab:
Replace                                          With
http://evserver                              http://externalowa.webaddress
http://evserver/EnterpriseVault       http://externalowa.webaddress/EnterpriseVault
https://evserver                            http://externalowa.webaddress
https://evserver/EnterpriseVault     http://externalowa.webaddress/EnterpriseVault 

After checking the ISA logs, I notice that the EV rule is redirecting users to the backend EV server and trying to fetch the Images and Scripts, instead of fetching them from the CAS server.
From the screenshot you can see the error message is "404 Not Found'.

I've already spoken with a Symantec Engineer and we think it's because the EV rule is misconfigured but not sure where. :\
Has anyone successfully got ISA 2006 and EV to work together?

Cheers,
-S
3 REPLIES 3

Amit_Gupta
Level 5
Employee Accredited Certified

It might be little late to reply.. Did you turn on the EV OWA logging? This technote may be helpful:
http://seer.entsupport.symantec.com/docs/321015.htm

ggeorgi
Level 5
Partner Accredited
Have you tested the OWA from the inside LAN? Here is the logic behind EV+OWA:
1. request goes to the CAS 
2. the CAS tries to find the mailbox but by default it searches locally, but if you have installed on the CAS something like RSA, it will fail.

what you have to do is to go to the web.config file on the CAS server and do some changes. 

If you are in this category, then give more details in order to help you more.

Recently, I implemented this configuration.


alogic
Level 4
Thanks everyone. It turns out that I don't need Link translations in place at all for EV because we wanted to allow users to use O.A externally as well.
Due to the fact that when we archive an item and enable the use of  Banner links which are hard-coded into EV's configuration, the only way to get this to work is to create a external DNS record for our EV server.
The only thing we needed to do is
1. Create an external DNS entry for our EV server to point to ISA
2. Create the EnterpriseVault rule on ISA
3. Under public name, add the EVserver.

The link translations only applies if we only want users to access OWA.
HTHs anyone else who gets stuck in this situation.

-S