Showing results for 
Search instead for 
Did you mean: 

OWA 2016 Outlook mail App externally

Level 3

I have enabled the Outlook Web App for a few users in Exchange 2016, and it only works when the user is on the internal network.  If the user is accessing OWA from the outside network, archived emails never open, and we get the error "Something went wrong and we couldn't start this add-in"  Is there something in particular needed to be done to enable the Outlook Web App to work in OWA externally through a firewall.  I cannot find any documentation regarding this setup.


Partner    VIP    Accredited


the office mail app needs to be deployed with the BaseURL parameter as described here. 

Deploying the Enterprise Vault Office Mail App for an organization


Users in the organization may access the Enterprise Vault server externally, with no direct access. In this case, the manifest file must point to the URL of the server that provides external access. The same server would also be used for internal access. For example, the server may be a Microsoft Forefront Threat Management Gateway (TMG) server.

The following example shows how to use the BaseURL parameter with the OfficeMailAppManifest.aspx page to configure the manifest file to point to a server that provides external access.

The backtick character (') is the PowerShell line-continuation character.

Add-Type -AssemblyName System.Web
$Mbx = get-mailbox "mailbox"

New-App -OrganizationApp -DefaultStateForUser:enabled -Url '
    ("http://EV_server/EnterpriseVault/OfficeMailAppManifest.aspx?LegacyMbxDn=" +
    [System.Web.HttpUtility]::UrlEncode($Mbx.LegacyExchangeDN) + 


  • mailbox is the name of any mailbox that is enabled for archiving.

  • EV_server is the name of any Enterprise Vault server in your site. This Enterprise Vault server is not necessarily the one that is used to load the Office Mail App. The Enterprise Vault server that is used to load the Office Mail App for all users is the server that is specified in the BaseURL parameter.

  • external_access_server is the name of the server that provides external access.




PMCS GmbH & Co. KG - A Serviceware Company

So the enterprise server needs a public IP and url, so I'm guessing only port 443 open.

I was hoping it would work with just public access to the Exchange Server used for OWA