Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by John D. Gwinne » Fri, 13 Dec 2002 11:21:27



My problem is that I need to convince my Exchange server that it is in fact
named 'www.mycorp.com'.

I am attempting to publish my Exchange server for full (Exchange RPC)
'corporate mode' Outlook clients outside my firewall (NOT through a VPN).  I
have, more or less, everything working right except Exchange keeps resetting
client machines to the 'wrong' server name.

The problem I have is that the exchange server name persists in the
'services' account, i.e.
Outlook 2002: Tools->email accounts->View or Change->MS Exchange
Server->Microsoft Exchange Server (edit box).

The entry here for exchange server always seems to revert itself to the
machine name, not even the internal DNS name of the server.

If I manually change it to the proper DNS name, once you connect to the
server, the dial box changes it to the machine name of the exchange server.

This will never work outside the firewall, as even if the machine name was
the same as the external DNS name, it's not a fully qualified domain name.

i.e. my machine name is 'Server-e2k'.

The exchange server in the Services menu is thus 'server-e2k'.  It SHOULD be
'server-e2k.mydomain.local'.

Ping server-e2k
.. 192.168.1.1
Ping www.mycorp.com
.. 192.168.1.1
Ping server-e2k.mydomain.local
.. 192.168.1.1

(i.e. the same, correct, internal IP)

From outside the firewall (ANY DNS server)
ping Server-e2k
(no name resolution)

Ping www.mycorp.com
.. 66.166.100.100 (say)
also:
Ping server-e2k.mycorp.com
.. 66.166.100.100 (say)

where 66.166.100.100 is the IP that is published through the firewall to
192.168.1.1.  This all works fine.

I have a valid DNS entry for the inside of the firewall and the outside.
The outside the firewall entry specifies an MS ISA server that through
server publishing relays the traffic through to the Microsoft Exchange
server.  Inside of the firewall, the same DNS name resolves directly to the
exchange server.

So .. my problem is that I need to convince my Exchange server that it is in
fact named 'www.mycorp.com'.

How do I do that in exchange?

Note that if I gave up and renamed the server to be 'www' (same machine name
as external name), I would STILL have the problem that it's a machine name,
NOT a real domain name.

This kind of thing is not a problem with IMAP, as you can specify the name
of the server (www.mycorp.com), and this works fine inside and outside the
firewall.

All firewall definitions are fine, I can send / receive email with external
and internal IMAP4 and POP3 accounts, and the server sends email fine.  If I
probe the firewall with 'telnet www.mycorp.com' 135 I get through the
firewall to the host computer.

Any ideas?  I've searched EVERYWHERE (Tom Shinder's books is great:
http://www.isaserver.org/tutorials/Using_the_Exchange_RPC_Filter_to_P...
Microsoft_Exchange.html

but it doesn't address this specific issue - I have clients that are on
different domains, so even if the Exchange server name was 'www', it
wouldn't work as my external Outlook corporate mode clients would resolve to
'www.wrongdomain.com'.

Thanks,

                  == John ==

 
 
 

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by Thomas W Shinder [MVP » Fri, 13 Dec 2002 13:55:45


Hi John,

Just use an entry in the HOSTS file on the clients that maps the NetBIOS
name of the Exchange Server to the external IP address on the ISA Server
used by the RPC publishing rule.

HTH,
--
Tom
www.isaserver.org/shinder
Get the books!
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
MVP -- ISA Server 2000



Quote:> My problem is that I need to convince my Exchange server that it is in
fact
> named 'www.mycorp.com'.

> I am attempting to publish my Exchange server for full (Exchange RPC)
> 'corporate mode' Outlook clients outside my firewall (NOT through a VPN).
I
> have, more or less, everything working right except Exchange keeps
resetting
> client machines to the 'wrong' server name.

> The problem I have is that the exchange server name persists in the
> 'services' account, i.e.
> Outlook 2002: Tools->email accounts->View or Change->MS Exchange
> Server->Microsoft Exchange Server (edit box).

> The entry here for exchange server always seems to revert itself to the
> machine name, not even the internal DNS name of the server.

> If I manually change it to the proper DNS name, once you connect to the
> server, the dial box changes it to the machine name of the exchange
server.

> This will never work outside the firewall, as even if the machine name was
> the same as the external DNS name, it's not a fully qualified domain name.

> i.e. my machine name is 'Server-e2k'.

> The exchange server in the Services menu is thus 'server-e2k'.  It SHOULD
be
> 'server-e2k.mydomain.local'.

> Ping server-e2k
> .. 192.168.1.1
> Ping www.mycorp.com
> .. 192.168.1.1
> Ping server-e2k.mydomain.local
> .. 192.168.1.1

> (i.e. the same, correct, internal IP)

> From outside the firewall (ANY DNS server)
> ping Server-e2k
> (no name resolution)

> Ping www.mycorp.com
> .. 66.166.100.100 (say)
> also:
> Ping server-e2k.mycorp.com
> .. 66.166.100.100 (say)

> where 66.166.100.100 is the IP that is published through the firewall to
> 192.168.1.1.  This all works fine.

> I have a valid DNS entry for the inside of the firewall and the outside.
> The outside the firewall entry specifies an MS ISA server that through
> server publishing relays the traffic through to the Microsoft Exchange
> server.  Inside of the firewall, the same DNS name resolves directly to
the
> exchange server.

> So .. my problem is that I need to convince my Exchange server that it is
in
> fact named 'www.mycorp.com'.

> How do I do that in exchange?

> Note that if I gave up and renamed the server to be 'www' (same machine
name
> as external name), I would STILL have the problem that it's a machine
name,
> NOT a real domain name.

> This kind of thing is not a problem with IMAP, as you can specify the name
> of the server (www.mycorp.com), and this works fine inside and outside the
> firewall.

> All firewall definitions are fine, I can send / receive email with
external
> and internal IMAP4 and POP3 accounts, and the server sends email fine.  If
I
> probe the firewall with 'telnet www.mycorp.com' 135 I get through the
> firewall to the host computer.

> Any ideas?  I've searched EVERYWHERE (Tom Shinder's books is great:

http://www.isaserver.org/tutorials/Using_the_Exchange_RPC_Filter_to_P...

- Show quoted text -

Quote:> Microsoft_Exchange.html

> but it doesn't address this specific issue - I have clients that are on
> different domains, so even if the Exchange server name was 'www', it
> wouldn't work as my external Outlook corporate mode clients would resolve
to
> 'www.wrongdomain.com'.

> Thanks,

>                   == John ==


 
 
 

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by John D. Gwinne » Sat, 14 Dec 2002 02:21:49


I thought about that, but the problem with that is that my sales folks will
have to change their hosts files 2-3 times a day.  I don't expect that they
would be able to do this.

                  == John ==



> Hi John,

> Just use an entry in the HOSTS file on the clients that maps the NetBIOS
> name of the Exchange Server to the external IP address on the ISA Server
> used by the RPC publishing rule.

> HTH,
> --
> Tom
> www.isaserver.org/shinder
> Get the books!
> ISA Server and Beyond: http://tinyurl.com/1jq1
> Configuring ISA Server: http://tinyurl.com/1llp
> MVP -- ISA Server 2000



> > My problem is that I need to convince my Exchange server that it is in
> fact
> > named 'www.mycorp.com'.

> > I am attempting to publish my Exchange server for full (Exchange RPC)
> > 'corporate mode' Outlook clients outside my firewall (NOT through a
VPN).
> I
> > have, more or less, everything working right except Exchange keeps
> resetting
> > client machines to the 'wrong' server name.

> > The problem I have is that the exchange server name persists in the
> > 'services' account, i.e.
> > Outlook 2002: Tools->email accounts->View or Change->MS Exchange
> > Server->Microsoft Exchange Server (edit box).

> > The entry here for exchange server always seems to revert itself to the
> > machine name, not even the internal DNS name of the server.

> > If I manually change it to the proper DNS name, once you connect to the
> > server, the dial box changes it to the machine name of the exchange
> server.

> > This will never work outside the firewall, as even if the machine name
was
> > the same as the external DNS name, it's not a fully qualified domain
name.

> > i.e. my machine name is 'Server-e2k'.

> > The exchange server in the Services menu is thus 'server-e2k'.  It
SHOULD
> be
> > 'server-e2k.mydomain.local'.

> > Ping server-e2k
> > .. 192.168.1.1
> > Ping www.mycorp.com
> > .. 192.168.1.1
> > Ping server-e2k.mydomain.local
> > .. 192.168.1.1

> > (i.e. the same, correct, internal IP)

> > From outside the firewall (ANY DNS server)
> > ping Server-e2k
> > (no name resolution)

> > Ping www.mycorp.com
> > .. 66.166.100.100 (say)
> > also:
> > Ping server-e2k.mycorp.com
> > .. 66.166.100.100 (say)

> > where 66.166.100.100 is the IP that is published through the firewall to
> > 192.168.1.1.  This all works fine.

> > I have a valid DNS entry for the inside of the firewall and the outside.
> > The outside the firewall entry specifies an MS ISA server that through
> > server publishing relays the traffic through to the Microsoft Exchange
> > server.  Inside of the firewall, the same DNS name resolves directly to
> the
> > exchange server.

> > So .. my problem is that I need to convince my Exchange server that it
is
> in
> > fact named 'www.mycorp.com'.

> > How do I do that in exchange?

> > Note that if I gave up and renamed the server to be 'www' (same machine
> name
> > as external name), I would STILL have the problem that it's a machine
> name,
> > NOT a real domain name.

> > This kind of thing is not a problem with IMAP, as you can specify the
name
> > of the server (www.mycorp.com), and this works fine inside and outside
the
> > firewall.

> > All firewall definitions are fine, I can send / receive email with
> external
> > and internal IMAP4 and POP3 accounts, and the server sends email fine.
If
> I
> > probe the firewall with 'telnet www.mycorp.com' 135 I get through the
> > firewall to the host computer.

> > Any ideas?  I've searched EVERYWHERE (Tom Shinder's books is great:

http://www.isaserver.org/tutorials/Using_the_Exchange_RPC_Filter_to_P...

- Show quoted text -

Quote:> > Microsoft_Exchange.html

> > but it doesn't address this specific issue - I have clients that are on
> > different domains, so even if the Exchange server name was 'www', it
> > wouldn't work as my external Outlook corporate mode clients would
resolve
> to
> > 'www.wrongdomain.com'.

> > Thanks,

> >                   == John ==

 
 
 

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by Thomas W Shinder [MVP » Sat, 14 Dec 2002 02:47:05


Hi John,

It should be pretty easy to create a batch file they could click on which
would change the contents of the HOSTS file depending on their location. And
if they're using Win2k/XP, the contents of the HOSTS file are automatically
entered in the client side DNS cache.

HTH,
--
Tom
www.isaserver.org/shinder
Get the books!
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
MVP -- ISA Server 2000



> I thought about that, but the problem with that is that my sales folks
will
> have to change their hosts files 2-3 times a day.  I don't expect that
they
> would be able to do this.

>                   == John ==



> > Hi John,

> > Just use an entry in the HOSTS file on the clients that maps the NetBIOS
> > name of the Exchange Server to the external IP address on the ISA Server
> > used by the RPC publishing rule.

> > HTH,
> > --
> > Tom
> > www.isaserver.org/shinder
> > Get the books!
> > ISA Server and Beyond: http://tinyurl.com/1jq1
> > Configuring ISA Server: http://tinyurl.com/1llp
> > MVP -- ISA Server 2000



> > > My problem is that I need to convince my Exchange server that it is in
> > fact
> > > named 'www.mycorp.com'.

> > > I am attempting to publish my Exchange server for full (Exchange RPC)
> > > 'corporate mode' Outlook clients outside my firewall (NOT through a
> VPN).
> > I
> > > have, more or less, everything working right except Exchange keeps
> > resetting
> > > client machines to the 'wrong' server name.

> > > The problem I have is that the exchange server name persists in the
> > > 'services' account, i.e.
> > > Outlook 2002: Tools->email accounts->View or Change->MS Exchange
> > > Server->Microsoft Exchange Server (edit box).

> > > The entry here for exchange server always seems to revert itself to
the
> > > machine name, not even the internal DNS name of the server.

> > > If I manually change it to the proper DNS name, once you connect to
the
> > > server, the dial box changes it to the machine name of the exchange
> > server.

> > > This will never work outside the firewall, as even if the machine name
> was
> > > the same as the external DNS name, it's not a fully qualified domain
> name.

> > > i.e. my machine name is 'Server-e2k'.

> > > The exchange server in the Services menu is thus 'server-e2k'.  It
> SHOULD
> > be
> > > 'server-e2k.mydomain.local'.

> > > Ping server-e2k
> > > .. 192.168.1.1
> > > Ping www.mycorp.com
> > > .. 192.168.1.1
> > > Ping server-e2k.mydomain.local
> > > .. 192.168.1.1

> > > (i.e. the same, correct, internal IP)

> > > From outside the firewall (ANY DNS server)
> > > ping Server-e2k
> > > (no name resolution)

> > > Ping www.mycorp.com
> > > .. 66.166.100.100 (say)
> > > also:
> > > Ping server-e2k.mycorp.com
> > > .. 66.166.100.100 (say)

> > > where 66.166.100.100 is the IP that is published through the firewall
to
> > > 192.168.1.1.  This all works fine.

> > > I have a valid DNS entry for the inside of the firewall and the
outside.
> > > The outside the firewall entry specifies an MS ISA server that through
> > > server publishing relays the traffic through to the Microsoft Exchange
> > > server.  Inside of the firewall, the same DNS name resolves directly
to
> > the
> > > exchange server.

> > > So .. my problem is that I need to convince my Exchange server that it
> is
> > in
> > > fact named 'www.mycorp.com'.

> > > How do I do that in exchange?

> > > Note that if I gave up and renamed the server to be 'www' (same
machine
> > name
> > > as external name), I would STILL have the problem that it's a machine
> > name,
> > > NOT a real domain name.

> > > This kind of thing is not a problem with IMAP, as you can specify the
> name
> > > of the server (www.mycorp.com), and this works fine inside and outside
> the
> > > firewall.

> > > All firewall definitions are fine, I can send / receive email with
> > external
> > > and internal IMAP4 and POP3 accounts, and the server sends email fine.
> If
> > I
> > > probe the firewall with 'telnet www.mycorp.com' 135 I get through the
> > > firewall to the host computer.

> > > Any ideas?  I've searched EVERYWHERE (Tom Shinder's books is great:

http://www.isaserver.org/tutorials/Using_the_Exchange_RPC_Filter_to_P...

- Show quoted text -

Quote:> > > Microsoft_Exchange.html

> > > but it doesn't address this specific issue - I have clients that are
on
> > > different domains, so even if the Exchange server name was 'www', it
> > > wouldn't work as my external Outlook corporate mode clients would
> resolve
> > to
> > > 'www.wrongdomain.com'.

> > > Thanks,

> > >                   == John ==

 
 
 

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by John D. Gwinne » Sat, 14 Dec 2002 10:57:32


I tried adding a hosts file and it does seem to work.  The initial
connection was, however, done by specifying the server name as
server-e2k.mycorp.com but as soon as it connected, it reverted to
server-e2k.  Frustrating.  However, it does work.

I now have another issue; with the exchange RPC filter / server publishing
with subsequent connections as documented in your article (reference in the
thread start), it works, and even for mail notifications!  However, in
Outlook if I right click on the contacts folder and go to "Outlook Address
Book" I cannot check the box that says "Show this folder as an e-mail
Address Book".  The check box and the 'name of the address book' is grayed
out.

Clients that were setup inside the firewall, can, however, check this box.

So right now, no one outside the firewall has an address book, even with
private addresses.  I can add addresses to the folder, but they aren't
recognized when sending messages due to not being able to specify this
folder as having contacts.  The global address list works fine.

One other oddity is that messages that are 'sent' can't be copied to the
sent items.  I get an error pop up from Outlook that says "Rules in Error"
and says "Cannot copy to the "Sent Items" folder. Note there are no rules in
the rules wizard.

All mail from OWA works fine for the same account, so I believe this is an
Outlook / ISA issue.

This is my last outstanding hurdle.  I have a feeling there is some further
port setting that isn't mapped.  I haven't added the static registry keys as
recommended in the MS articles, I'm just using the subsequent connections in
ISA.

                  == John ==



> Hi John,

> It should be pretty easy to create a batch file they could click on which
> would change the contents of the HOSTS file depending on their location.
And
> if they're using Win2k/XP, the contents of the HOSTS file are
automatically
> entered in the client side DNS cache.

> HTH,
> --
> Tom
> www.isaserver.org/shinder
> Get the books!
> ISA Server and Beyond: http://tinyurl.com/1jq1
> Configuring ISA Server: http://tinyurl.com/1llp
> MVP -- ISA Server 2000



> > I thought about that, but the problem with that is that my sales folks
> will
> > have to change their hosts files 2-3 times a day.  I don't expect that
> they
> > would be able to do this.

> >                   == John ==



> > > Hi John,

> > > Just use an entry in the HOSTS file on the clients that maps the
NetBIOS
> > > name of the Exchange Server to the external IP address on the ISA
Server
> > > used by the RPC publishing rule.

> > > HTH,
> > > --
> > > Tom
> > > www.isaserver.org/shinder
> > > Get the books!
> > > ISA Server and Beyond: http://tinyurl.com/1jq1
> > > Configuring ISA Server: http://tinyurl.com/1llp
> > > MVP -- ISA Server 2000



> > > > My problem is that I need to convince my Exchange server that it is
in
> > > fact
> > > > named 'www.mycorp.com'.

> > > > I am attempting to publish my Exchange server for full (Exchange
RPC)
> > > > 'corporate mode' Outlook clients outside my firewall (NOT through a
> > VPN).
> > > I
> > > > have, more or less, everything working right except Exchange keeps
> > > resetting
> > > > client machines to the 'wrong' server name.

> > > > The problem I have is that the exchange server name persists in the
> > > > 'services' account, i.e.
> > > > Outlook 2002: Tools->email accounts->View or Change->MS Exchange
> > > > Server->Microsoft Exchange Server (edit box).

> > > > The entry here for exchange server always seems to revert itself to
> the
> > > > machine name, not even the internal DNS name of the server.

> > > > If I manually change it to the proper DNS name, once you connect to
> the
> > > > server, the dial box changes it to the machine name of the exchange
> > > server.

> > > > This will never work outside the firewall, as even if the machine
name
> > was
> > > > the same as the external DNS name, it's not a fully qualified domain
> > name.

> > > > i.e. my machine name is 'Server-e2k'.

> > > > The exchange server in the Services menu is thus 'server-e2k'.  It
> > SHOULD
> > > be
> > > > 'server-e2k.mydomain.local'.

> > > > Ping server-e2k
> > > > .. 192.168.1.1
> > > > Ping www.mycorp.com
> > > > .. 192.168.1.1
> > > > Ping server-e2k.mydomain.local
> > > > .. 192.168.1.1

> > > > (i.e. the same, correct, internal IP)

> > > > From outside the firewall (ANY DNS server)
> > > > ping Server-e2k
> > > > (no name resolution)

> > > > Ping www.mycorp.com
> > > > .. 66.166.100.100 (say)
> > > > also:
> > > > Ping server-e2k.mycorp.com
> > > > .. 66.166.100.100 (say)

> > > > where 66.166.100.100 is the IP that is published through the
firewall
> to
> > > > 192.168.1.1.  This all works fine.

> > > > I have a valid DNS entry for the inside of the firewall and the
> outside.
> > > > The outside the firewall entry specifies an MS ISA server that
through
> > > > server publishing relays the traffic through to the Microsoft
Exchange
> > > > server.  Inside of the firewall, the same DNS name resolves directly
> to
> > > the
> > > > exchange server.

> > > > So .. my problem is that I need to convince my Exchange server that
it
> > is
> > > in
> > > > fact named 'www.mycorp.com'.

> > > > How do I do that in exchange?

> > > > Note that if I gave up and renamed the server to be 'www' (same
> machine
> > > name
> > > > as external name), I would STILL have the problem that it's a
machine
> > > name,
> > > > NOT a real domain name.

> > > > This kind of thing is not a problem with IMAP, as you can specify
the
> > name
> > > > of the server (www.mycorp.com), and this works fine inside and
outside
> > the
> > > > firewall.

> > > > All firewall definitions are fine, I can send / receive email with
> > > external
> > > > and internal IMAP4 and POP3 accounts, and the server sends email
fine.
> > If
> > > I
> > > > probe the firewall with 'telnet www.mycorp.com' 135 I get through
the
> > > > firewall to the host computer.

> > > > Any ideas?  I've searched EVERYWHERE (Tom Shinder's books is great:

http://www.isaserver.org/tutorials/Using_the_Exchange_RPC_Filter_to_P...

- Show quoted text -

Quote:> > > > Microsoft_Exchange.html

> > > > but it doesn't address this specific issue - I have clients that are
> on
> > > > different domains, so even if the Exchange server name was 'www', it
> > > > wouldn't work as my external Outlook corporate mode clients would
> > resolve
> > > to
> > > > 'www.wrongdomain.com'.

> > > > Thanks,

> > > >                   == John ==

 
 
 

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by Thomas W Shinder [MVP » Sun, 15 Dec 2002 00:53:24


Hi John,

Not sure what is going on with you name resolution problems, all I can tell
you is if you do it right it works :-)  What you see is correct. You must
denote the NetBIOS name in the HOSTS file, not the FQDN.

I've never run into the address book issue, since I've always set up the
clients inside the firewall (clients are travelers who use laptops). I'll
check on the address book issue. Users might actually have to know the
address of the person they're sending mail to :-)  Are they are to use the
GAL?

Thanks!
--
Tom
www.isaserver.org/shinder
Get the books!
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
MVP -- ISA Server 2000

"John D. Gwinner" <jgwin...@dazsi.com> wrote in message
news:eu3VAtkoCHA.2276@TK2MSFTNGP09...

> I tried adding a hosts file and it does seem to work.  The initial
> connection was, however, done by specifying the server name as
> server-e2k.mycorp.com but as soon as it connected, it reverted to
> server-e2k.  Frustrating.  However, it does work.

> I now have another issue; with the exchange RPC filter / server publishing
> with subsequent connections as documented in your article (reference in
the
> thread start), it works, and even for mail notifications!  However, in
> Outlook if I right click on the contacts folder and go to "Outlook Address
> Book" I cannot check the box that says "Show this folder as an e-mail
> Address Book".  The check box and the 'name of the address book' is grayed
> out.

> Clients that were setup inside the firewall, can, however, check this box.

> So right now, no one outside the firewall has an address book, even with
> private addresses.  I can add addresses to the folder, but they aren't
> recognized when sending messages due to not being able to specify this
> folder as having contacts.  The global address list works fine.

> One other oddity is that messages that are 'sent' can't be copied to the
> sent items.  I get an error pop up from Outlook that says "Rules in Error"
> and says "Cannot copy to the "Sent Items" folder. Note there are no rules
in
> the rules wizard.

> All mail from OWA works fine for the same account, so I believe this is an
> Outlook / ISA issue.

> This is my last outstanding hurdle.  I have a feeling there is some
further
> port setting that isn't mapped.  I haven't added the static registry keys
as
> recommended in the MS articles, I'm just using the subsequent connections
in
> ISA.

>                   == John ==

> "Thomas W Shinder [MVP]" <tshin...@hotmail.com> wrote in message
> news:uKJx4ZgoCHA.2276@TK2MSFTNGP09...
> > Hi John,

> > It should be pretty easy to create a batch file they could click on
which
> > would change the contents of the HOSTS file depending on their location.
> And
> > if they're using Win2k/XP, the contents of the HOSTS file are
> automatically
> > entered in the client side DNS cache.

> > HTH,
> > --
> > Tom
> > www.isaserver.org/shinder
> > Get the books!
> > ISA Server and Beyond: http://tinyurl.com/1jq1
> > Configuring ISA Server: http://tinyurl.com/1llp
> > MVP -- ISA Server 2000

> > "John D. Gwinner" <jgwin...@dazsi.com> wrote in message
> > news:OdYH0MgoCHA.1612@TK2MSFTNGP10...
> > > I thought about that, but the problem with that is that my sales folks
> > will
> > > have to change their hosts files 2-3 times a day.  I don't expect that
> > they
> > > would be able to do this.

> > >                   == John ==

> > > "Thomas W Shinder [MVP]" <tshin...@hotmail.com> wrote in message
> > > news:#3sP3qZoCHA.1816@TK2MSFTNGP11...
> > > > Hi John,

> > > > Just use an entry in the HOSTS file on the clients that maps the
> NetBIOS
> > > > name of the Exchange Server to the external IP address on the ISA
> Server
> > > > used by the RPC publishing rule.

> > > > HTH,
> > > > --
> > > > Tom
> > > > www.isaserver.org/shinder
> > > > Get the books!
> > > > ISA Server and Beyond: http://tinyurl.com/1jq1
> > > > Configuring ISA Server: http://tinyurl.com/1llp
> > > > MVP -- ISA Server 2000

> > > > "John D. Gwinner" <jgwin...@dazsi.com> wrote in message
> > > > news:ehcvrVYoCHA.2708@TK2MSFTNGP10...
> > > > > My problem is that I need to convince my Exchange server that it
is
> in
> > > > fact
> > > > > named 'www.mycorp.com'.

> > > > > I am attempting to publish my Exchange server for full (Exchange
> RPC)
> > > > > 'corporate mode' Outlook clients outside my firewall (NOT through
a
> > > VPN).
> > > > I
> > > > > have, more or less, everything working right except Exchange keeps
> > > > resetting
> > > > > client machines to the 'wrong' server name.

> > > > > The problem I have is that the exchange server name persists in
the
> > > > > 'services' account, i.e.
> > > > > Outlook 2002: Tools->email accounts->View or Change->MS Exchange
> > > > > Server->Microsoft Exchange Server (edit box).

> > > > > The entry here for exchange server always seems to revert itself
to
> > the
> > > > > machine name, not even the internal DNS name of the server.

> > > > > If I manually change it to the proper DNS name, once you connect
to
> > the
> > > > > server, the dial box changes it to the machine name of the
exchange
> > > > server.

> > > > > This will never work outside the firewall, as even if the machine
> name
> > > was
> > > > > the same as the external DNS name, it's not a fully qualified
domain
> > > name.

> > > > > i.e. my machine name is 'Server-e2k'.

> > > > > The exchange server in the Services menu is thus 'server-e2k'.  It
> > > SHOULD
> > > > be
> > > > > 'server-e2k.mydomain.local'.

> > > > > Ping server-e2k
> > > > > .. 192.168.1.1
> > > > > Ping www.mycorp.com
> > > > > .. 192.168.1.1
> > > > > Ping server-e2k.mydomain.local
> > > > > .. 192.168.1.1

> > > > > (i.e. the same, correct, internal IP)

> > > > > From outside the firewall (ANY DNS server)
> > > > > ping Server-e2k
> > > > > (no name resolution)

> > > > > Ping www.mycorp.com
> > > > > .. 66.166.100.100 (say)
> > > > > also:
> > > > > Ping server-e2k.mycorp.com
> > > > > .. 66.166.100.100 (say)

> > > > > where 66.166.100.100 is the IP that is published through the
> firewall
> > to
> > > > > 192.168.1.1.  This all works fine.

> > > > > I have a valid DNS entry for the inside of the firewall and the
> > outside.
> > > > > The outside the firewall entry specifies an MS ISA server that
> through
> > > > > server publishing relays the traffic through to the Microsoft
> Exchange
> > > > > server.  Inside of the firewall, the same DNS name resolves
directly
> > to
> > > > the
> > > > > exchange server.

> > > > > So .. my problem is that I need to convince my Exchange server
that
> it
> > > is
> > > > in
> > > > > fact named 'www.mycorp.com'.

> > > > > How do I do that in exchange?

> > > > > Note that if I gave up and renamed the server to be 'www' (same
> > machine
> > > > name
> > > > > as external name), I would STILL have the problem that it's a
> machine
> > > > name,
> > > > > NOT a real domain name.

> > > > > This kind of thing is not a problem with IMAP, as you can specify
> the
> > > name
> > > > > of the server (www.mycorp.com), and this works fine inside and
> outside
> > > the
> > > > > firewall.

> > > > > All firewall definitions are fine, I can send / receive email with
> > > > external
> > > > > and internal IMAP4 and POP3 accounts, and the server sends email
> fine.
> > > If
> > > > I
> > > > > probe the firewall with 'telnet www.mycorp.com' 135 I get through
> the
> > > > > firewall to the host computer.

> > > > > Any ideas?  I've searched EVERYWHERE (Tom Shinder's books is
great:

http://www.isaserver.org/tutorials/Using_the_Exchange_RPC_Filter_to_P...

- Show quoted text -

> > > > > Microsoft_Exchange.html

> > > > > but it doesn't address this specific issue - I have clients that
are
> > on
> > > > > different domains, so even if the Exchange server name was 'www',
it
> > > > > wouldn't work as my external Outlook corporate mode clients would
> > > resolve
> > > > to
> > > > > 'www.wrongdomain.com'.

> > > > > Thanks,

> > > > >                   == John ==

 
 
 

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by Thomas W Shinder [MVP » Sun, 15 Dec 2002 00:54:36


Hi John,

Oh! And one more thing -- I've never encountered a problem with the messages
not being automatically saved in the Send Items folders. I'll check that out
too.

Thanks!
--
Tom
www.isaserver.org/shinder
Get the books!
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
MVP -- ISA Server 2000

"John D. Gwinner" <jgwin...@dazsi.com> wrote in message
news:eu3VAtkoCHA.2276@TK2MSFTNGP09...

> I tried adding a hosts file and it does seem to work.  The initial
> connection was, however, done by specifying the server name as
> server-e2k.mycorp.com but as soon as it connected, it reverted to
> server-e2k.  Frustrating.  However, it does work.

> I now have another issue; with the exchange RPC filter / server publishing
> with subsequent connections as documented in your article (reference in
the
> thread start), it works, and even for mail notifications!  However, in
> Outlook if I right click on the contacts folder and go to "Outlook Address
> Book" I cannot check the box that says "Show this folder as an e-mail
> Address Book".  The check box and the 'name of the address book' is grayed
> out.

> Clients that were setup inside the firewall, can, however, check this box.

> So right now, no one outside the firewall has an address book, even with
> private addresses.  I can add addresses to the folder, but they aren't
> recognized when sending messages due to not being able to specify this
> folder as having contacts.  The global address list works fine.

> One other oddity is that messages that are 'sent' can't be copied to the
> sent items.  I get an error pop up from Outlook that says "Rules in Error"
> and says "Cannot copy to the "Sent Items" folder. Note there are no rules
in
> the rules wizard.

> All mail from OWA works fine for the same account, so I believe this is an
> Outlook / ISA issue.

> This is my last outstanding hurdle.  I have a feeling there is some
further
> port setting that isn't mapped.  I haven't added the static registry keys
as
> recommended in the MS articles, I'm just using the subsequent connections
in
> ISA.

>                   == John ==

> "Thomas W Shinder [MVP]" <tshin...@hotmail.com> wrote in message
> news:uKJx4ZgoCHA.2276@TK2MSFTNGP09...
> > Hi John,

> > It should be pretty easy to create a batch file they could click on
which
> > would change the contents of the HOSTS file depending on their location.
> And
> > if they're using Win2k/XP, the contents of the HOSTS file are
> automatically
> > entered in the client side DNS cache.

> > HTH,
> > --
> > Tom
> > www.isaserver.org/shinder
> > Get the books!
> > ISA Server and Beyond: http://tinyurl.com/1jq1
> > Configuring ISA Server: http://tinyurl.com/1llp
> > MVP -- ISA Server 2000

> > "John D. Gwinner" <jgwin...@dazsi.com> wrote in message
> > news:OdYH0MgoCHA.1612@TK2MSFTNGP10...
> > > I thought about that, but the problem with that is that my sales folks
> > will
> > > have to change their hosts files 2-3 times a day.  I don't expect that
> > they
> > > would be able to do this.

> > >                   == John ==

> > > "Thomas W Shinder [MVP]" <tshin...@hotmail.com> wrote in message
> > > news:#3sP3qZoCHA.1816@TK2MSFTNGP11...
> > > > Hi John,

> > > > Just use an entry in the HOSTS file on the clients that maps the
> NetBIOS
> > > > name of the Exchange Server to the external IP address on the ISA
> Server
> > > > used by the RPC publishing rule.

> > > > HTH,
> > > > --
> > > > Tom
> > > > www.isaserver.org/shinder
> > > > Get the books!
> > > > ISA Server and Beyond: http://tinyurl.com/1jq1
> > > > Configuring ISA Server: http://tinyurl.com/1llp
> > > > MVP -- ISA Server 2000

> > > > "John D. Gwinner" <jgwin...@dazsi.com> wrote in message
> > > > news:ehcvrVYoCHA.2708@TK2MSFTNGP10...
> > > > > My problem is that I need to convince my Exchange server that it
is
> in
> > > > fact
> > > > > named 'www.mycorp.com'.

> > > > > I am attempting to publish my Exchange server for full (Exchange
> RPC)
> > > > > 'corporate mode' Outlook clients outside my firewall (NOT through
a
> > > VPN).
> > > > I
> > > > > have, more or less, everything working right except Exchange keeps
> > > > resetting
> > > > > client machines to the 'wrong' server name.

> > > > > The problem I have is that the exchange server name persists in
the
> > > > > 'services' account, i.e.
> > > > > Outlook 2002: Tools->email accounts->View or Change->MS Exchange
> > > > > Server->Microsoft Exchange Server (edit box).

> > > > > The entry here for exchange server always seems to revert itself
to
> > the
> > > > > machine name, not even the internal DNS name of the server.

> > > > > If I manually change it to the proper DNS name, once you connect
to
> > the
> > > > > server, the dial box changes it to the machine name of the
exchange
> > > > server.

> > > > > This will never work outside the firewall, as even if the machine
> name
> > > was
> > > > > the same as the external DNS name, it's not a fully qualified
domain
> > > name.

> > > > > i.e. my machine name is 'Server-e2k'.

> > > > > The exchange server in the Services menu is thus 'server-e2k'.  It
> > > SHOULD
> > > > be
> > > > > 'server-e2k.mydomain.local'.

> > > > > Ping server-e2k
> > > > > .. 192.168.1.1
> > > > > Ping www.mycorp.com
> > > > > .. 192.168.1.1
> > > > > Ping server-e2k.mydomain.local
> > > > > .. 192.168.1.1

> > > > > (i.e. the same, correct, internal IP)

> > > > > From outside the firewall (ANY DNS server)
> > > > > ping Server-e2k
> > > > > (no name resolution)

> > > > > Ping www.mycorp.com
> > > > > .. 66.166.100.100 (say)
> > > > > also:
> > > > > Ping server-e2k.mycorp.com
> > > > > .. 66.166.100.100 (say)

> > > > > where 66.166.100.100 is the IP that is published through the
> firewall
> > to
> > > > > 192.168.1.1.  This all works fine.

> > > > > I have a valid DNS entry for the inside of the firewall and the
> > outside.
> > > > > The outside the firewall entry specifies an MS ISA server that
> through
> > > > > server publishing relays the traffic through to the Microsoft
> Exchange
> > > > > server.  Inside of the firewall, the same DNS name resolves
directly
> > to
> > > > the
> > > > > exchange server.

> > > > > So .. my problem is that I need to convince my Exchange server
that
> it
> > > is
> > > > in
> > > > > fact named 'www.mycorp.com'.

> > > > > How do I do that in exchange?

> > > > > Note that if I gave up and renamed the server to be 'www' (same
> > machine
> > > > name
> > > > > as external name), I would STILL have the problem that it's a
> machine
> > > > name,
> > > > > NOT a real domain name.

> > > > > This kind of thing is not a problem with IMAP, as you can specify
> the
> > > name
> > > > > of the server (www.mycorp.com), and this works fine inside and
> outside
> > > the
> > > > > firewall.

> > > > > All firewall definitions are fine, I can send / receive email with
> > > > external
> > > > > and internal IMAP4 and POP3 accounts, and the server sends email
> fine.
> > > If
> > > > I
> > > > > probe the firewall with 'telnet www.mycorp.com' 135 I get through
> the
> > > > > firewall to the host computer.

> > > > > Any ideas?  I've searched EVERYWHERE (Tom Shinder's books is
great:

http://www.isaserver.org/tutorials/Using_the_Exchange_RPC_Filter_to_P...

- Show quoted text -

> > > > > Microsoft_Exchange.html

> > > > > but it doesn't address this specific issue - I have clients that
are
> > on
> > > > > different domains, so even if the Exchange server name was 'www',
it
> > > > > wouldn't work as my external Outlook corporate mode clients would
> > > resolve
> > > > to
> > > > > 'www.wrongdomain.com'.

> > > > > Thanks,

> > > > >                   == John ==

 
 
 

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by John D. Gwinne » Sun, 15 Dec 2002 03:30:24


Tom:

  I thought I had a fix but no dice.  I had the server protocol defined, but
hadn't done the server rule for the subsequent inbound connections.  *doh*
However, I did have the wizard generated RPC server publishing rule, so I'm
not sure if I really needed the subsequent connections.

  Answer: doesn't make any difference ... I still have the sent items error.
This is on a laptop created 'fresh' and has never been inside the firewall.
I'm now going to move my laptop outside and test as well, to see if it's an
Outlook or ISA problem.

  Also, as Jim Sun pointed out, I didn't have the Outlook Address Book
listed under 'services'.  Oddly, it let me save contacts, but they didn't
show when searching for contact lists. This is probably the Outlook setting,
not the firewall.  So that's fixed now.

                  == John ==



Quote:> Hi John,

> Oh! And one more thing -- I've never encountered a problem with the
messages
> not being automatically saved in the Send Items folders. I'll check that
out
> too.

> Thanks!
> --
> Tom
> www.isaserver.org/shinder
> Get the books!
> ISA Server and Beyond: http://tinyurl.com/1jq1
> Configuring ISA Server: http://tinyurl.com/1llp
> MVP -- ISA Server 2000

 
 
 

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by John D. Gwinne » Sun, 15 Dec 2002 03:33:16


Well, the NetBIOS name *is* the DN, just not the FQDN.

I think one root thing is that, at Microsoft's recommendation (from a
service call way back), our domain name is 'mycorp.local' not 'mycorp.com'.
Knowing what I know now about DNS, Active Directory, I wouldn't have done it
that way, but I'm not going to redo the domain :-)

Also, 90% of my user's machines aren't members of the domain (client
locations), so if the client machine assembles the name by taking the
NetBIOS name and adding the machine domain, it wouldn't ever work.

                  == John ==



Quote:> Hi John,

> Not sure what is going on with you name resolution problems, all I can
tell
> you is if you do it right it works :-)  What you see is correct. You must
> denote the NetBIOS name in the HOSTS file, not the FQDN.

> I've never run into the address book issue, since I've always set up the
> clients inside the firewall (clients are travelers who use laptops). I'll
> check on the address book issue. Users might actually have to know the
> address of the person they're sending mail to :-)  Are they are to use the
> GAL?

> Thanks!
> --
> Tom
> www.isaserver.org/shinder
> Get the books!
> ISA Server and Beyond: http://tinyurl.com/1jq1
> Configuring ISA Server: http://tinyurl.com/1llp
> MVP -- ISA Server 2000

 
 
 

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by John D. Gwinne » Sun, 22 Dec 2002 06:06:17


I have enabled a VPN, but not all clients allow it.

Many of our clients block VPN traffic for security reasons.

IMAP generally works well, however.

There are serious problems with Outlook and Exchange here:

1) that Outlook's IMAP mode incorrectly views contacts and the calendar.

2) Exchange's calendaring and contact sharing has to be done through
'corporate mode'.

3) 'corporate mode' doesn't work well outside a firewall.

4) Web interface doesn't allow offline mode (i.e. laptops) or spell
checking, so it's not adequate for serious day to day work, only occasional
checks.

5) The Web interface doesn't allow import of contacts or mail.

All these are serious deficiencies in your mail product.  Microsoft
recommendations aside, none of the recommended methods address this.  4 and
5 mean that OWA is really only good for occasional, non primary use.

           == John ==

(added Exchange back to the CC list, this isn't an ISA issue really)



Quote:> Hi John,

> Thank you for the reply.

> Since the boss and some sales people are working externally, what do you
> think of the VPN solution? You only need to enable VPN on your network.
> When the users VPN remotely from the Internet, they are just like
> connecting to the local network. They can use not only Exchange, but all
> the other resources on the LAN. Do you think it's good?

> Please feel free to post back if you need any further assistance.

> Thanks & Regards,

> Jim Sun
> Microsoft Online Support Engineer

> Get Secure! - www.microsoft.com/security

> =====================================================
> When responding to posts, please "Reply to Group" via
> your newsreader so that others may learn and benefit
> from your issue.
> =====================================================
> This posting is provided "AS IS" with no warranties, and confers no
rights.

 
 
 

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by John D. Gwinne » Sun, 22 Dec 2002 07:55:01


Quote:> Since you are using the method which is not recommended by Microsoft, we
> are sorry for taking you inconveniences.

*lol* very well put marketing speak <G>

I'm sorry in turn that Outlook and exchange only work 100% when you are in
corporate offices.  Too bad this isn't the norm for ANY company any more :-)

Quote:> In this scenario, easy client need to add an item in the host file at
local
> side.

The whole POINT of DNS is so that you don't have to do that.  I have my DNS
setup correctly; clients access www.mycorp.net outside OR inside the
intranet.  My internal DNS resolves this inside the firewall, and forwards
external request properly.  www.mycorp.net OUTSIDE routes properly.

You shouldn't have to update hosts files.  Being easy or not isn't the
point.  It's an additional admin step I need to take to resolve a serious
pre-internet deficiency in Exchange.  I say pre-internet, as Exchange is
clearly still thinking of the 90's approach to 'work group computing' with
it's reliance on NETBIOS names instead of the modern internet.

Quote:> I personally think your idea to change the design for the check names
> feature in Outlook is great. I suggest you offer the excellent idea to the
> following link.

>    http://register.microsoft.com/regwiz/regwiz.asp

Thanks, I made some comments.

I'd be happy to Beta Exchange 2003, so we can make this a better product!

                  == John ==

 
 
 

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by Jeff Chen (MS » Tue, 24 Dec 2002 13:36:36


Hello John,

Thank you for requesting support for Exchange Server.

Yes, when we are resolving the user name when we creating a new profile for
Exchange Server, Outlook resolves the email server as the internal name
instead of the external name. As we discussed before, it is by design.
Therefore, if we connect the Exchange Server externally, it will fail. If
we want Outlook to recognize the internal email server externally, we have
two choices:

One is to let your external client logon your internal corporation network.
Another is to modify the Hosts file on the client side.

I know you have configured your DNS servers correctly. However, when you
are external, your client cannot know the internal name of the exchange
server. Since Outlook resolves the Exchange Server to be the internal
machine name, we should add an entry in the Hosts file so that your client
can know the exact external Exchange Server name, and then you can connect
to it. If you don't want to use VPN, I think this is the only method we can
use. Also, I have tested on my side by publishing the Exchange Server
behind ISA server: If we don't add this entry to Hosts file, we cannot
connect to the Exchange Server externally.

In addition, I found you may have some concerns about VPN and security. In
fact, I personally agreed that the VPN is a better method regarding our
issue. VPN is a good feature that has already been considered for security.
After you connect to your corporation by using VPN, you can access your
resources just like you are in the office. Actually, if you consider
security reason, I suggest you post a new post in our Windows 2000
newsgroup so that our Windows support can provide you a solution to enhance
your security, and then your Outlook clients can connect to your Exchange
Server directly.

I hope the information above helps. If you need further assistance, please
feel free to let me know. I am happy to be of assistance.

Best regards,

Jeff Chen
Microsoft Online Support Engineer

Get Secure! - www.microsoft.com/security

=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

 
 
 

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by Jeff Chen (MS » Tue, 24 Dec 2002 13:33:01


Hello John,

Thank you for requesting support for Exchange Server.

Yes, when we are resolving the user name when we creating a new profile for
Exchange Server, Outlook resolves the email server as the internal name
instead of the external name. As we discussed before, it is by design.
Therefore, if we connect the Exchange Server externally, it will fail. If
we want Outlook to recognize the internal email server externally, we have
two choices:

One is to let your external client logon your internal corporation network.
Another is to modify the Hosts file on the client side.

I know you have configured your DNS servers correctly. However, when you
are external, your client cannot know the internal name of the exchange
server. Since Outlook resolves the Exchange Server to be the internal
machine name, we should add an entry in the Hosts file so that your client
can know the exact external Exchange Server name, and then you can connect
to it. If you don't want to use VPN, I think this is the only method we can
use. Also, I have tested on my side by publishing the Exchange Server
behind ISA server: If we don't add this entry to Hosts file, we cannot
connect to the Exchange Server externally.

In addition, I found you may have some concerns about VPN and security. In
fact, I personally agreed that the VPN is a better method regarding our
issue. VPN is a good feature that has already been considered for security.
After you connect to your corporation by using VPN, you can access your
resources just like you are in the office. Actually, if you consider
security reason, I suggest you post a new post in our Windows 2000
newsgroup so that our Windows support can provide you a solution to enhance
your security, and then your Outlook clients can connect to your Exchange
Server directly.

I hope the information above helps. If you need further assistance, please
feel free to let me know. I am happy to be of assistance.

Best regards,

Jeff Chen
Microsoft Online Support Engineer

Get Secure! - www.microsoft.com/security

=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

 
 
 

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by John D. Gwinne » Wed, 25 Dec 2002 05:04:21


Tom:

I did some more checking ..

I believe the 'sent items' error was due to setting up this client in
corporate mode from outside the firewall.

Also, when the 'sent items' error was manifesting itself, once I fixed the
outbound subsequent connections, the 'sent items' error only happened the
FIRST time an email was sent.  It was, however, consistent.

I wiped the user profile off the laptop, moved it inside the firewall, and
then followed the same steps to setup Exchange in Corporate mode.

This time, the account can send/receive fine.

I moved it outside the firewall, and it can still send and receive fine.

So it appears either:
1) I didn't have all the settings in the firewall correct, and something got
setup wrong *permanently*
2) You can't setup Corporate mode 'outside' the firewall for the initial
setup.

I don't see 2) as an issue, and it fixes 1) ... although I've been ranting
about Outlook/Exchange not working well outside the enterprise ;-) I think
saying you have to be inside or at least VPN'd for the initial setup is not
a big deal, and probably better.

                  == John ==



Quote:> Hi John,

> Oh! And one more thing -- I've never encountered a problem with the
messages
> not being automatically saved in the Send Items folders. I'll check that
out
> too.

> Thanks!
> --
> Tom
> www.isaserver.org/shinder
> Get the books!
> ISA Server and Beyond: http://tinyurl.com/1jq1
> Configuring ISA Server: http://tinyurl.com/1llp
> MVP -- ISA Server 2000

 
 
 

Exchange 2k publishing outside firewall - server name persists in Outlook Services, not proper domain name

Post by John D. Gwinne » Wed, 25 Dec 2002 04:48:35


Jeff:

  You're using the phrase "Internally" and "Externally".  You're missing my
point.

  The Internal name of this machine isn't proper either.  It's simply the
machine name.

  My internal name and external names ARE THE SAME.  But it doesn't work.
Why?

Internal name of server: www
External name of server: www
domain: mycorp.com.

However, the exchange services is setup as 'www' instead of
'www.mycorp.com'.  It's not the fully qualified domain name.

This becomes an issue for anyone outside the firewall, OR machines that are
not members of the domain - for example, a laptop user.  If I am at a client
site, and DHCP is setup to decorate any names with THEIR domain, my exchange
server then becomes:

www.myclient.com

which will NOT resolve.

Quote:>>your client cannot know the internal name of the exchange server. <<

Sure it does.  www.mycorp.com.  That's the same name inside or outside.
IMAP works fine - you put in the 'server name'.  The problem is that when
Exchange connects in corporate mode, it OVERRIDES the entry in the
'services' tab with what it perceives as the name.  Unfortunately, it's
using a 10 year old network name, without a fully qualified domain name.

Quote:>>> In addition, I found you may have some concerns about VPN and security<<

I don't have any issues with a VPN.  My clients, however, forbid them, or
they have hardware that cannot support VPN's.  A VPN is simply not a 100%
solution.

                  == John ==



Quote:> Hello John,

> Thank you for requesting support for Exchange Server.

> Yes, when we are resolving the user name when we creating a new profile
for
> Exchange Server, Outlook resolves the email server as the internal name
> instead of the external name. As we discussed before, it is by design.
> Therefore, if we connect the Exchange Server externally, it will fail. If
> we want Outlook to recognize the internal email server externally, we have
> two choices:

> One is to let your external client logon your internal corporation
network.
> Another is to modify the Hosts file on the client side.

> I know you have configured your DNS servers correctly. However, when you
> are external, your client cannot know the internal name of the exchange
> server. Since Outlook resolves the Exchange Server to be the internal
> machine name, we should add an entry in the Hosts file so that your client
> can know the exact external Exchange Server name, and then you can connect
> to it. If you don't want to use VPN, I think this is the only method we
can
> use. Also, I have tested on my side by publishing the Exchange Server
> behind ISA server: If we don't add this entry to Hosts file, we cannot
> connect to the Exchange Server externally.

> In addition, I found you may have some concerns about VPN and security. In
> fact, I personally agreed that the VPN is a better method regarding our
> issue. VPN is a good feature that has already been considered for
security.
> After you connect to your corporation by using VPN, you can access your
> resources just like you are in the office. Actually, if you consider
> security reason, I suggest you post a new post in our Windows 2000
> newsgroup so that our Windows support can provide you a solution to
enhance
> your security, and then your Outlook clients can connect to your Exchange
> Server directly.

> I hope the information above helps. If you need further assistance, please
> feel free to let me know. I am happy to be of assistance.

> Best regards,

> Jeff Chen
> Microsoft Online Support Engineer

> Get Secure! - www.microsoft.com/security

> =====================================================
> When responding to posts, please "Reply to Group" via
> your newsreader so that others may learn and benefit
> from your issue.
> =====================================================
> This posting is provided "AS IS" with no warranties, and confers no
rights.