
publishing exchange DNS externally

Status
Not open for further replies.

dave2korg

IS-IT--Management
Feb 25, 2006
102
US
I may have to move this to the CISCO PIX forum, or DNS.

I want to be able to configure notebooks here so that when my users are connected to Cisco VPN (PIX 515E), they are able to open up Outlook 2003 and be auto connected to the Exchange server. As of now, people have to hit the OWA or use their mobile devices set to check OWA every x minutes.

I know this is possible, I'm pretty sure it is simple in DNS. Does anyone know of a way to implement this painlessly?

David McKissic
A+, Net+, i-net+, CCNA, CNE, CNA
Dell, Compaq, IBM, HP
Network Administrator
 
Well, when the users are VPN'ing, they should be able to hit your Exchange server if Outlook is configured on the notebooks with your specific Exchange server settings. What issue are you actually seeing? Are your users not able to use Outlook when going through the VPN? What is behind that PIX? Is there any other firewall in front of the DNS server or the Exchange server for that matter?
 
I can configure the Exchange setup when users are on the network (I've only been testing this with 1 user).

After configuring and setting it for cached Exchange mode, the user will leave the building and connect to VPN. They can ping the server, but when they pull up Outlook it will say the Exchange server is unavailable and prompt them to work offline or retry.

I wanted to check this myself, so I connected to VPN from home and pulled up my Outlook client. With no profile set, it prompted me to set up my connection. I chose Exchange and put in the server's internal IP address and my username, and hit check name. It came back with the FQDN of the Exchange server and my name resolved, but I too got prompted after that point, saying the Exchange server was offline.

David McKissic
A+, Net+, i-net+, CCNA, CNE, CNA
Dell, Compaq, IBM, HP
Network Administrator
 
It's probably a name resolution issue. On the LAN, the machines can easily reach the server by broadcasting, if all else (DNS/WINS) fails.

When you're on a VPN, can you resolve the name of the Exchange server? Can you do an NBTSTAT to get the NetBIOS info of the domain and the Exchange server? I've had similar problems and configuring WINS sorted it for me.
 
Yeah, it looks to be a name resolution issue. Can you do a trace to your Exchange server from the VPN and then from inside the network to see where the different hops are? Maybe from the VPN you figure out that it's taking a very different hop than where it should be. Also, like almighty said, try an nbtstat for the Exchange info.
 
Can you post your VPN configuration on the PIX? I have done this a lot of times and never had any problems. Do you have your internal DNS servers stated in the VPN configuration?

 
Okay, I'd be able to do tracert, but for some reason we can't tracert through these firewalls (it's been one of those annoying issues for the past few weeks), and I haven't had the time to go and look around in the ASDM to figure out what's causing it. We can ping and netstat, just not tracert.

Also, our DNS is hosted remotely from a company (UltraDNS). Would it be a setting I would have to change there?

David McKissic
A+, Net+, i-net+, CCNA, CNE, CNA
Dell, Compaq, IBM, HP
Network Administrator
 
"Also, our DNS is hosted remotely from a company (UltraDNS). Would it be a setting I would have to change there?"

No, I would point the VPN clients to your internal DNS server. If you point to an external DNS I don't think you will get it to work; I have never got it to work.

Check what DNS server your client gets when they connect and change to your internal DNS server.
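
The check suggested in the reply above (which DNS servers the client receives once the tunnel is up), as an added example that is not part of the original thread: a Python sketch that parses `ipconfig /all` output and flags any DNS server on the VPN adapter that lies outside the internal range. The sample output, the adapter names and the 10.10.0.0/16 internal range are constructed assumptions.

```python
import ipaddress

# Constructed `ipconfig /all` excerpt from a VPN-connected notebook.
# Adapter names, addresses and the internal range are assumptions.
SAMPLE = """\
Ethernet adapter Local Area Connection:

        DNS Servers . . . . . . . . . . . : 192.168.1.1

Ethernet adapter VPN Connection:

        DNS Servers . . . . . . . . . . . : 203.0.113.53
                                            10.10.1.5
        Primary WINS Server . . . . . . . : 10.10.1.6
"""
INTERNAL_NET = ipaddress.ip_network("10.10.0.0/16")  # assumed corporate range

def _ip(text):
    try:  # drop any IPv6 %scope suffix before parsing
        return ipaddress.ip_address(text.strip().split("%")[0])
    except ValueError:
        return None

def dns_by_adapter(text):
    """Map each adapter header to the DNS servers listed under it."""
    result, adapter, in_dns = {}, None, False
    for line in text.splitlines():
        if line.strip() and not line[0].isspace():   # unindented: adapter header
            adapter, in_dns = line.strip().rstrip(":"), False
            result[adapter] = []
        elif line.strip() and adapter is not None:
            addr = _ip(line) if in_dns else None     # continuation of DNS list
            if addr is None:
                label, _, value = line.partition(":")
                in_dns = label.strip().startswith("DNS Servers")
                addr = _ip(value) if in_dns else None
            if addr is not None:
                result[adapter].append(addr)
    return result

def check_vpn_dns(text, keyword="VPN", internal=INTERNAL_NET):
    """Return (servers, problems) for the first adapter whose name has keyword."""
    for adapter, servers in dns_by_adapter(text).items():
        if keyword.lower() in adapter.lower():
            if not servers:
                return [], ["no DNS server assigned on the VPN adapter"]
            bad = [f"{ip} is outside {internal}" for ip in servers if ip not in internal]
            return [str(ip) for ip in servers], bad
    return [], ["VPN adapter not found"]
```

On the sample, `check_vpn_dns(SAMPLE)` reports that 203.0.113.53 is outside the internal range, which is the case where internal names such as the Exchange server's FQDN may be sent to a resolver that cannot answer for them.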
 
If this is just for using Outlook and Exchange, you could leave the VPN scenario alone altogether and implement RTP over HTTP(S). This would allow you to use your Outlook 2003 client and have only port 80 or 443 (suggest only 443 for doing SSL) open on your firewall. There are tons of RTP over HTTP(S) documents out there. Just make sure you have Windows 2003 server (domain and global catalog server) and Exchange 2003 server or Small Business Server if single server environment. Works great.
Just a thought.
 