cancel
Showing results for 
Search instead for 
Did you mean: 

Search not working from OWA external access

R_G1
Level 3

I have a wierd issue here, everything is working fine except the Search Archive from external OWA access.

EV 10

Exchange 10 and TMG.

Rules for EV and OWA are published as per the documentation. Infact using OWA, user can open archived items and Archive explorer also.

Internally within network, URL is http://evserver/enterprisevault and externally we use published OWA name for EV rule.

When user connects to OWA using https://webmail.external.com/owa, and clicks on Search it tries to connect to internal EV server FQDN.

The web.config file on CAS server has UseExternalWebAppURL = True and ExternalWebAppURL = https://webmail.external.com

I checked the Desktop policy configuration for OWA, but that also seems to be ok.

 

I am not sure if I am missing any configuration part here. Please advise.

 

1 ACCEPTED SOLUTION

Accepted Solutions

Arjun_Shelke
Level 6
Employee Accredited

Some times I have seen that even using ExternalWebAppURL the external OWA request is not treated external by EV OWA extensions.

To confirm this, you can login to CAS Server and check the IIS logs or OWA logs. Client IP/ Requesting IP should be of your TMG Server, if not then can you try following:

Refer technote: http://www.symantec.com/docs/TECH155122

(This technote is referring ISA 2006 though its the same for TMG)

Let me know if that helps...

View solution in original post

6 REPLIES 6

JesusWept3
Level 6
Partner Accredited Certified

get a log file for the particular user and have a look and see if it gives any clues

https://www.linkedin.com/in/alex-allen-turl-07370146

TonySterling
Moderator
Moderator
Partner    VIP    Accredited Certified

Did you follow all the steps here:

How to configure Enterprise Vault integration with OWA using Threat Management Gateway 2010 (TMG)

Article:HOWTO59068  |  Created: 2011-08-27  |  Updated: 2012-01-26  |  Article URL http://www.symantec.com/docs/HOWTO59068

 

Arjun_Shelke
Level 6
Employee Accredited

Some times I have seen that even using ExternalWebAppURL the external OWA request is not treated external by EV OWA extensions.

To confirm this, you can login to CAS Server and check the IIS logs or OWA logs. Client IP/ Requesting IP should be of your TMG Server, if not then can you try following:

Refer technote: http://www.symantec.com/docs/TECH155122

(This technote is referring ISA 2006 though its the same for TMG)

Let me know if that helps...

ManishN
Level 4
Employee Accredited

I think the bheavior is quite expected, when you say  "

When user connects to OWA using https://webmail.external.com/owa, and clicks on Search it tries to connect to internal EV server FQDN.

"

Assigning ExternalIPaddresses may sometime break the Internal connectivity in my experience so it has to entered carefully.

You can check few basic things

1. Open IE on your client machine who connects externally and try to access enterprisevault virtual directory for .e.g. https://publishedname/enterprisevault or http://publishedname/enterprisevault and see if you can access. You have to publish EV virtual directory.

2. Enable Fiddler and TMG trace to track the request.

You can also ref. few articles

http://www.symantec.com/business/support/index?page=content&id=TECH61472

http://www.symantec.com/business/support/index?page=content&id=TECH63250

R_G1
Level 3

Thanks Tony, its exactly the same configuration. Advisor, I checked the logs where I see client IP shown in the log is not matching with the TMG internal IP addresses. As per the technote, I checked the web Rule and changed "Request appear to come from" section and added ExternalIPAddresses entry with TMG IP addresses. But still while accessing OWA, it does not connect, after deleting cookies and temp internet files, I was able to connect to Search on published name. Thanks a lot, you are Doctor of EV :)

Hey ManishN, I checked the internal working of OWA with EV operations after adding that entry on web.config, it works as well, so I guess nothing to worry?

Arjun_Shelke
Level 6
Employee Accredited

Thanks for the complements :) I glad that issue has been solved