I'm not sure why your using host headers but you need to do one of two things:
1. First, make sure that your IP address is set to "all unassigned" 2. Next, remove the host headers....or 3. or.... add the host header matching your outside alias (dns). -----Original Message----- From: Don Ely [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 10:26 AM To: Exchange Discussions Subject: RE: Help please Nope, if that is the address of the PIX, it won't work. Do a "sh xlate" at the prompt on the PIX. You should have a statically defined Pub address that points to your priv address. D "I only regret that I have but one life to lose for my country." -Nathan Hale -----Original Message----- From: Ronald Mazzotta [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 8:23 AM To: Exchange Discussions Subject: RE: Help please I have an inside outside mapping from that ip to the public ip 208.253.38.123 which is the outside ip of the pix -----Original Message----- From: Don Ely [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 11:20 AM To: Exchange Discussions Subject: RE: Help please I think I've got it! What there should be an address translation from the 172.16.1.1 (private address) to a "Public" address. You're trying to route a non-routable address to the outside. I don't know about proxy, but the PIX is telling you to fsck off. That 172 address HAS to be routed to a routable IP address! D "Those who deny freedom to others deserve it not for themselves." -Abraham Lincoln -----Original Message----- From: Ronald Mazzotta [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 8:12 AM To: Exchange Discussions Subject: RE: Help please That's all I see in the log for that access point. Although I just set up another internal web site to try redirection with and I get the same problem so I would guess that the proxy or pix are the prob not the exchange server. Yes that ip is a dialup client -----Original Message----- From: Don Ely [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 11:08 AM To: Exchange Discussions Subject: RE: Help please Is the 63.x.x.x address the client address or what? What shows up in the logs when you try to pass authentication? D "A computer lets you make more mistakes faster than any invention in human history - with the possible exceptions of handguns and tequila." -Mitch Ratcliffe, "Technology Review" -----Original Message----- From: Ronald Mazzotta [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 7:57 AM To: Exchange Discussions Subject: RE: Help please When accessing the site this is what is in the proxy log 2001-12-18 15:51:12 63.17.150.119 - 172.16.1.1 80 GET /scripts/proxy/w3proxy.dll 038b0008,+http://tahoe/exchange/USA/ 200 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+Q312461) tahoe is the internal exchange server. -----Original Message----- From: Don Ely [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 10:45 AM To: Exchange Discussions Subject: RE: Help please OK, let us know what you find. D "DOS 6: Because there aren't enough problems in the world already." -----Original Message----- From: Ronald Mazzotta [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 7:37 AM To: Exchange Discussions Subject: RE: Help please I will have to call cisco as per starting logs. I am not that secure enough about the proper way of turning the loggin up. As for proxy I am attempting that now. -----Original Message----- From: Don Ely [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 10:37 AM To: Exchange Discussions Subject: RE: Help please That's why I wanted you to check the logs on both Proxy and the PIX. Somewhere there's something not passing traffic correctly... D "Overconfidence: Before you attempt to beat the odds, be sure you can survive the odds beating you." - - http://www.despair.com -----Original Message----- From: Ronald Mazzotta [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 7:31 AM To: Exchange Discussions Subject: RE: Help please Its funny. I can not redirect and websites to internal servers. I am beginning to think this is a proxy problem. -----Original Message----- From: Don Ely [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 10:18 AM To: Exchange Discussions Subject: RE: Help please Router??? I thought you said you have a PIX. They have much more than 16MB, well, not "much" more, but at least 32MB. D "Arrogance: The Best Leaders Inspire by Example. When that's not an option, brute intimidation works pretty well too." - - http://www.despair.com -----Original Message----- From: Ronald Mazzotta [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 7:13 AM To: Exchange Discussions Subject: RE: Help please Can't upgrade to 6.0. cisco will not allow me to dl it as I only have 16mb in my router. Also, tom I have verified that information. Thanks. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 10:11 AM To: Exchange Discussions Subject: RE: Help please Upgrade to 6.0 IOS -----Original Message----- From: Don Ely [mailto:[EMAIL PROTECTED]] Sent: Monday, December 17, 2001 9:07 PM To: Exchange Discussions Subject: RE: Help please I can't recall some great examples off hand, but I remember a time where the PIX would to funny things to the network traffic as it passed in either direction. Tended to time things out and make stuff not work. D "The true test of character is not how much we know how to do, but how we behave when we don't know what to do." -John Holt -----Original Message----- From: Peter Szabo [mailto:[EMAIL PROTECTED]] Sent: Monday, December 17, 2001 6:26 PM To: Exchange Discussions Subject: Re: Help please Don, I'm not too familiar with PIX but I know the problem with esmtp and pix , but never heard of any with http. Ronald, The easiet way to make sure is not the pix, connect your laptop to the segment bethwin the pix and your proxy and try to connect to OWA. If it is working, call Ci$co. /Peter ----- Original Message ----- From: "Don Ely" <[EMAIL PROTECTED]> To: "Exchange Discussions" <[EMAIL PROTECTED]> Sent: Monday, December 17, 2001 9:06 PM Subject: RE: Help please > That's another theory too... However, on the PIX there are some > strange occurrences that would not pass some HTTP traffic correctly. > Not always, but I've seen it. > > D > > "Ignorance: It's amazing how much easier it is for a team to work > together when no one has any idea where they're going." - - > http://www.despair.com > > -----Original Message----- > From: Peter Szabo [mailto:[EMAIL PROTECTED]] > Sent: Monday, December 17, 2001 6:06 PM > To: Exchange Discussions > Subject: Re: Help please > > > Ronald, > > If your external address for your owa is tahoe.ss-pca.com/exchange > then you > have an authentication problem on your OWA server, nothing to do with > your proxy or PIX. for a proxy server or a pix f/w http is http is > http. <period>. On your OWA server diasble any other authentication > but Basic. If > I remember correctly internaly users can access OWA, yes ? > > /Peter > > ----- Original Message ----- > From: "Don Ely" <[EMAIL PROTECTED]> > To: "Exchange Discussions" <[EMAIL PROTECTED]> > Sent: Monday, December 17, 2001 8:47 PM > Subject: RE: Help please > > > > Have you turned up syslog on your PIX to watch the traffic? What do > > the logs say (both Proxy and the PIX)? My money says your issue > > resides in there. > > > > D > > > > "It was when I found out I could make mistakes that I knew I was on > > to something." -Ornette Coleman > > > > -----Original Message----- > > From: Ronald Mazzotta [mailto:[EMAIL PROTECTED]] > > Sent: Monday, December 17, 2001 5:14 PM > > To: Exchange Discussions > > Subject: RE: Help please > > > > > > Yes that article has been followed to the letter. I apologize for > > the ms reference so could we get back to this. It is becoming > > increasingly frustrating. It SHOULD work. > > > > -----Original Message----- > > From: Tom Meunier [mailto:[EMAIL PROTECTED]] > > Sent: Monday, December 17, 2001 4:52 PM > > To: Exchange Discussions > > Subject: RE: Help please > > > > 1. Your MX record has no bearing on the issue - that's solely for > > mail routing. You need to worry about where your "A" record (or > > CNAME if > that's > > how you're doing it) points. > > 2. I'm still kind of waiting for you to say that you've followed > > Q276388 > to > > the letter. Whether OWA 5.5 works through proxy has nothing to do > > with whether OWA 2000 does; they are nowhere NEAR being the same > > product. > > > > > > > -----Original Message----- > > > From: Ronald Mazzotta [mailto:[EMAIL PROTECTED]] Posted At: > > > Monday, December 17, 2001 02:54 PM Posted To: MSExchange Mailing > > > List > > > Conversation: Help please > > > Subject: RE: Help please > > > > > > > > > Yeah sorry. My mx record is exchange.domain.com. when a user > > > enters exchange.domain.com/exchange they hit the proxy. Proxy is > > > set up to redirect any requests for this address to the internal > > > exchange address. This is as per M$. > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED]] > > > Sent: Monday, December 17, 2001 3:56 PM > > > To: Exchange Discussions > > > Subject: RE: Help please > > > > > > Upgrade to version 6.0 IOS. Use the Static Port commands to > > > redirect users to the internal OWA site instead of your Proxy > > > Server first. This works even if your using a DMZ card. Also, can > > > you clarify "redirect my MX record exchange server address to the > > > server"? > > > > > > Also... > > > > > > How many valid static IP's to you have? > > > Is your DNS hosted external or internal? > > > When you upgraded did you change any of the static IP information? > > > > > > > > > -----Original Message----- > > > From: Ronald Mazzotta [mailto:[EMAIL PROTECTED]] > > > Sent: Monday, December 17, 2001 2:41 PM > > > To: Exchange Discussions > > > Subject: Help please > > > > > > > > > > > > I tried this on the exchange 2000 list and got very little > > > information. I have a setup as follows: > > > > > > Pix Firewall-->Proxy serv/IIS server-->internal network containing > > > exchange. We have had exchange 5.5 and OWA running in this config > > > for some time. We have recently upgraded to Exchange2000 and are > > > now having a problem connecting with owa 2000. When going to the > > > owa site a login box comes up to log into exchange BUT it comes up > > > three times then says access denied. I have the IIS/proxy web > > > publishing set to redirect my MX record exchange server address to > > > the server but can never log in. If anyone got ANY ideas I would > > > greatly appreciate it. > > > > > > Ron > > > > > > _________________________________________________________________ > > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe: mailto:[EMAIL PROTECTED] > > > Exchange List admin: [EMAIL PROTECTED] > > > > > > _________________________________________________________________ > > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe: mailto:[EMAIL PROTECTED] > > > Exchange List admin: [EMAIL PROTECTED] > > > > > > _________________________________________________________________ > > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe: mailto:[EMAIL PROTECTED] > > > Exchange List admin: [EMAIL PROTECTED] > > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
