In my opinion you should configure EV with an RPC/HTTP URL, that will touch the ISA server... and have a rule on there which will send the request to EV.

The Outlook Addin will ALWAYS first of all try the FQDN of the storage server, which will be the internal name for it, which won't be accessible to the outside world.  The Addin can then try the RPC/HTTP URL.  You can use SSL on that, and it can go to ISA (or similar) and be forwarded on to EV (ISA can remove the SSL too)

You configure that URL via the Desktop policy general tab. It's called RPC Proxy.

there is no isa,juniper or any product in customer environment.there are just firewall.

if i have any product in outside request i can do link transation on it it is easy but i have a problem on this internal links.

deskto policy rpc link is: https://archive.company.com/enterprisevault

but when i try from anywhere clients ,request is shown archive.company.intra in client trace so how can i solve this problem?

thanks...

What you should see is this :-

02/12/2011 10:57:39.905[ 408][L]: DesktopCommonConfig::GetSetting: 0x0

02/12/2011 10:57:39.905[ 408][L]: DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:39.905[ 408][L]: ~DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:39.906[ 408][M]:     Desktop Setting: DefaultWebAppURL

02/12/2011 10:57:39.906[ 408][M]:     Value: http://ev1a.EV.Local/EnterpriseVault

^^ We will try the FQDN of the storage server first.  This, of course, is the internal name, and won't work outside of the corporate network.

02/12/2011 10:57:39.906[ 408][L]: ~DesktopCommonConfig::GetSetting: 0x0

02/12/2011 10:57:39.907[ 408][L]: HaveConnection::ExecuteTest

02/12/2011 10:57:39.910[ 408][L]: DesktopCommonUtil::GetEVUserAgent: 0x0

02/12/2011 10:57:39.910[ 408][L]: DesktopCommonUtil::GetClientDLLVersion: 0x0

02/12/2011 10:57:39.911[ 408][L]: ~DesktopCommonUtil::GetClientDLLVersion: 0x0

02/12/2011 10:57:39.912[ 408][L]: ~DesktopCommonUtil::GetEVUserAgent: 0x0

02/12/2011 10:57:39.912[ 408][L]: DesktopCommonConfig::GetConfigValue: 0x0

02/12/2011 10:57:39.912[ 408][L]: DesktopCommonConfig::GetSetting: 0x0

02/12/2011 10:57:39.913[ 408][L]: DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:39.913[ 408][L]: ~DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:39.913[ 408][M]:     Desktop Setting: RESTRICTPOLICYLOOKUP

02/12/2011 10:57:39.914[ 408][M]:     No Value

02/12/2011 10:57:39.914[ 408][L]: ~DesktopCommonConfig::GetSetting: 0x1

02/12/2011 10:57:39.914[ 408][L]: DesktopCommonConfig::GetSetting: 0x0

02/12/2011 10:57:39.914[ 408][L]: DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:39.915[ 408][L]: ~DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:39.915[ 408][M]:     Desktop Setting: INTERNETOPENTYPEDIRECT

02/12/2011 10:57:39.915[ 408][M]:     No Value

02/12/2011 10:57:39.916[ 408][L]: ~DesktopCommonConfig::GetSetting: 0x1

02/12/2011 10:57:39.916[ 408][M]:  INTERNETOPENTYPEDIRECT = 0 [default]

02/12/2011 10:57:39.916[ 408][L]: ~DesktopCommonConfig::GetConfigValue: 0x1

02/12/2011 10:57:40.037[ 408][M]: Connection test to: ev1a.EV.Local/EnterpriseVault/clienttest.gif failed

^^ Here is the failure.

02/12/2011 10:57:40.037[ 408][L]: ~HaveConnection::ExecuteTest

02/12/2011 10:57:40.037[ 408][L]: DesktopCommon::UseRPCOverHTTP: 0x0

02/12/2011 10:57:40.038[ 408][L]: ~DesktopCommon::UseRPCOverHTTP: 0x0

02/12/2011 10:57:40.038[ 408][L]: DesktopCommonConfig::GetConfigValue: 0x0

02/12/2011 10:57:40.038[ 408][L]: DesktopCommonConfig::GetSetting: 0x0

02/12/2011 10:57:40.039[ 408][L]: DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:40.039[ 408][L]: ~DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:40.039[ 408][M]:     Desktop Setting: RESTRICTPOLICYLOOKUP

02/12/2011 10:57:40.040[ 408][M]:     No Value

02/12/2011 10:57:40.040[ 408][L]: ~DesktopCommonConfig::GetSetting: 0x1

02/12/2011 10:57:40.040[ 408][L]: DesktopCommonConfig::GetSetting: 0x0

02/12/2011 10:57:40.040[ 408][L]: DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:40.041[ 408][L]: ~DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:40.041[ 408][M]:     Desktop Setting: RPCOVERHTTPUSEDIRECTCONNECTION

02/12/2011 10:57:40.041[ 408][M]:     No Value

02/12/2011 10:57:40.042[ 408][L]: ~DesktopCommonConfig::GetSetting: 0x1

02/12/2011 10:57:40.042[ 408][M]:  RPCOVERHTTPUSEDIRECTCONNECTION = 0 [default]

02/12/2011 10:57:40.042[ 408][L]: ~DesktopCommonConfig::GetConfigValue: 0x1

02/12/2011 10:57:40.043[ 408][M]: Could not contact the EV web server (http://ev1a.EV.Local/EnterpriseVault) directly, trying the EV RPC over HTTP URL

^^ Now we lookup and use the RPC/HTTP URL

02/12/2011 10:57:40.043[ 408][L]: DesktopCommon::GetRPCOverHTTPURL: 0x0

02/12/2011 10:57:40.044[ 408][L]: DesktopCommonConfig::GetSetting: 0x0

02/12/2011 10:57:40.044[ 408][L]: DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:40.044[ 408][L]: ~DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:40.045[ 408][M]:     Desktop Setting: RPCOVERHTTPPROXYURL

02/12/2011 10:57:40.045[ 408][M]:     Value: http://fe.ev.local/enterprisevault

02/12/2011 10:57:40.045[ 408][L]: ~DesktopCommonConfig::GetSetting: 0x0

02/12/2011 10:57:40.046[ 408][L]: ~DesktopCommon::GetRPCOverHTTPURL: 0x0

02/12/2011 10:57:40.046[ 408][L]: HaveConnection::ExecuteTest

02/12/2011 10:57:40.046[ 408][L]: DesktopCommonUtil::GetEVUserAgent: 0x0

02/12/2011 10:57:40.046[ 408][L]: ~DesktopCommonUtil::GetEVUserAgent: 0x0

02/12/2011 10:57:40.047[ 408][L]: DesktopCommonConfig::GetConfigValue: 0x0

02/12/2011 10:57:40.047[ 408][L]: DesktopCommonConfig::GetSetting: 0x0

02/12/2011 10:57:40.047[ 408][L]: DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:40.048[ 408][L]: ~DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:40.048[ 408][M]:     Desktop Setting: RESTRICTPOLICYLOOKUP

02/12/2011 10:57:40.048[ 408][M]:     No Value

02/12/2011 10:57:40.048[ 408][L]: ~DesktopCommonConfig::GetSetting: 0x1

02/12/2011 10:57:40.049[ 408][L]: DesktopCommonConfig::GetSetting: 0x0

02/12/2011 10:57:40.049[ 408][L]: DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:40.049[ 408][L]: ~DesktopCommonConfig::LoadSettingsFromHiddenMessage: 0x0

02/12/2011 10:57:40.050[ 408][M]:     Desktop Setting: INTERNETOPENTYPEDIRECT

02/12/2011 10:57:40.050[ 408][M]:     No Value

02/12/2011 10:57:40.050[ 408][L]: ~DesktopCommonConfig::GetSetting: 0x1

02/12/2011 10:57:40.051[ 408][M]:  INTERNETOPENTYPEDIRECT = 0 [default]

02/12/2011 10:57:40.051[ 408][L]: ~DesktopCommonConfig::GetConfigValue: 0x1

02/12/2011 10:57:40.238[ 408][M]: Connection test to: fe.ev.local/enterprisevault/clienttest.gif succeeded

^^ That worked.

02/12/2011 10:57:40.238[ 408][L]: ~HaveConnection::ExecuteTest

02/12/2011 10:57:40.239[ 408][M]: Successfully contacted the EV web server using: http://fe.ev.local/enterprisevault

02/12/2011 10:57:40.239[ 408][L]: ~DesktopCommon::GetWebAppURLEx: 0x0

02/12/2011 10:57:40.239[ 408][L]: PSTMIG: ~CPSTImporter::GetDesktopSettings: 0x0

02/12/2011 10:57:40.240[ 408][L]: CDesktopPSTHelperBase::OpenMAPISession: 0x0

02/12/2011 10:57:40.240[ 408][L]: CComAutoUnlock<class ATL::CComAutoCriticalSection>::CComAutoUnlock

02/12/2011 10:57:40.240[ 408][L]: ~CComAutoUnlock<class ATL::CComAutoCriticalSection>::CComAutoUnlock

02/12/2011 10:57:40.243[ 408][L]: CComAutoUnlock<class ATL::CComAutoCriticalSection>::~CComAutoUnlock

02/12/2011 10:57:40.243[ 408][L]: ~CComAutoUnlock<class ATL::CComAutoCriticalSection>::~CComAutoUnlock

02/12/2011 10:57:40.244[ 408][L]: ~CDesktopPSTHelperBase::OpenMAPISession: 0x0

02/12/2011 10:57:40.245[ 408][L]: PSTMIG: ~CPSTImporter::Init: 0x0

02/12/2011 10:57:40.245[ 408][L]: DesktopCommon::GetXMLDOMDocumentObj: 0x0

02/12/2011 10:57:40.247[ 408][M]: ------ Loaded DOMDocument3

02/12/2011 10:57:40.248[ 408][L]: ~DesktopCommon::GetXMLDOMDocumentObj: 0x0

02/12/2011 10:57:40.248[ 408][M]: PSTMIG: PST Importer sleeping for 1 minutes\

If you are not seeing the fallback to the RPC/HTTP URL..  then is RPC/HTTP enabled?

It might be an idea to post a sanitized client trace of your own ..  the full trace.  [as an attachment]

Are you guys reading what he's saying? He's saying that he cannot publish the /EnterpriseVault/ directory because he does not have ISA or TMG or any software that can do link translation or folder publishing just a pure old firewall (like a Cisco or something)

So my question is, how are publishing OWA? Do you have exchange out in the DMZ?
To be honest you may have no choice but to have them use Vault Cache or OWA without the use of search or archive explorer

because except of search vaults and archive explorer they used excahange server!(seach vaults and archive exploerr also dont work because they are going to internal link also!)

but running external links manually from ie it works because links are published.(https://ev.copmany.com/enterprisevault/archiveexpo... and search works well.)

client trace is attached. items error is server name could not resolved.

this error is true because in client trace it is trying to go to internal address because there is no link translation ...

If you have not got ISA or TMG you need to publish your EV server externally in order for Search and Archive Explorer to work. The same way you do with your OWA through the firewall with https://evsitealias.domain.com/enterprisevault instead of https://webmail.domain.com/OWA. It means that you have to enable https for the EV server and buy another public IP address for the EV server.

https://evsitealias.domain.com/enterprisevault is working from ie in externaly.

Owa works in externally but from the owa seach vaults and archive explorer goes to internal site so dont work.

outlook anywhere is also same problem.

because working principle of owa work through exchange servers so it works but

outlook anywhere and seach vaults archive exploerer goes directtly to EV server ,and they are not noks because opf the links trying to go to internal site....

When you say you click on Search and Archive Explorer and it give you the internal site, what exactly does it give you? Because if you have published the https://evsitealias.domain.com/enterprisevault correctly then it should work.

When you publish the EV server it has to be exactly as the default webappurl. i.e. if you are using http://evsitealias.domain.local/enterprisevault then you have to publish the EV server using this URL with HTTPs of course. Therefore you have to buy a valid certificate and a public IP address etc. and you have to enable https for the EV server via the Admin console and IIS. What happens when you enable EV with HTTPS? Well, it gets quite messy as you have to recreate all the user's shortcuts, all the internal users will be connected to the EV server using https etc.

All of these mess for the sake of using Search and Archive Explorer externally? I would recommend sticking an ISA or TMG in if it is required for business.

when you analyze client trace ,you will see desktop policy is https://evsitealias.domain.com/enterprisevault

and this link is working on external correctly from manually enter link in internet explorer.

but in owa seacrh button and archive exploerer button they are going to internal link so it couldnt open same issue is occurs on outlook anywhere in this time all of the archived mails couldnt open because items tring to goto internal link,as you seen in client trace.

problem is this,how can i revert,translate these internal links to external one?

(I done many configuration in isa,tmg,juniper,asa and when i use link translation i can solve this problem but i dont know how can i solve this problem without these products?)

My point is that you can't solve this problem without ISA/TMG. You have to publish your EV server using the internal URL (default webappurl) in order to solve this. Read my last post carefully.

Environment working from https connection.

iis configuration is done also SAN seltificate is using.

evserver have external ip adres and archive.company.com url ,and they are working also.

so just one problem left;outlookanywhere link translation ,or other way...

I couldnt understand the your internal adress publish?

My idea it should published with https://archive.comany.com

  you suggest that publish http://archive.company.local then change desktop policy url? I couldnt understand sorry..

Yes, leave your desktop policy as it is and don't change it. Publish your internal URL separately through your firewall and it should resolve your issue. But you should test everything before changing production configurations.

I couldnt publish customer internal ip in outside,because it uses ip or server,i couldnt publish or use just URL,so it causes security problem.

That's also my point, that's why people use ISA/TMG for security issues.