Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Search not working from OWA external access

Created: 02 Jul 2013 • Updated: 03 Jul 2013 | 6 comments
R_G's picture
This issue has been solved. See solution.

I have a wierd issue here, everything is working fine except the Search Archive from external OWA access.

EV 10

Exchange 10 and TMG.

Rules for EV and OWA are published as per the documentation. Infact using OWA, user can open archived items and Archive explorer also.

Internally within network, URL is http://evserver/enterprisevault and externally we use published OWA name for EV rule.

When user connects to OWA using https://webmail.external.com/owa, and clicks on Search it tries to connect to internal EV server FQDN.

The web.config file on CAS server has UseExternalWebAppURL = True and ExternalWebAppURL = https://webmail.external.com

I checked the Desktop policy configuration for OWA, but that also seems to be ok.

I am not sure if I am missing any configuration part here. Please advise.

Operating Systems:

Comments 6 CommentsJump to latest comment

JesusWept3's picture

get a log file for the particular user and have a look and see if it gives any clues

TonySterling's picture

Did you follow all the steps here:

How to configure Enterprise Vault integration with OWA using Threat Management Gateway 2010 (TMG)

Article:HOWTO59068  |  Created: 2011-08-27  |  Updated: 2012-01-26  |  Article URL http://www.symantec.com/docs/HOWTO59068
Advisor's picture

Some times I have seen that even using ExternalWebAppURL the external OWA request is not treated external by EV OWA extensions.

To confirm this, you can login to CAS Server and check the IIS logs or OWA logs. Client IP/ Requesting IP should be of your TMG Server, if not then can you try following:

Refer technote: http://www.symantec.com/docs/TECH155122

(This technote is referring ISA 2006 though its the same for TMG)

Let me know if that helps...

SOLUTION
ManishN's picture

I think the bheavior is quite expected, when you say  "

When user connects to OWA using https://webmail.external.com/owa, and clicks on Search it tries to connect to internal EV server FQDN.

"

Assigning ExternalIPaddresses may sometime break the Internal connectivity in my experience so it has to entered carefully.

You can check few basic things

1. Open IE on your client machine who connects externally and try to access enterprisevault virtual directory for .e.g. https://publishedname/enterprisevault or http://publishedname/enterprisevault and see if you can access. You have to publish EV virtual directory.

2. Enable Fiddler and TMG trace to track the request.

You can also ref. few articles

http://www.symantec.com/business/support/index?page=content&id=TECH61472

http://www.symantec.com/business/support/index?page=content&id=TECH63250

Regards,

MN

R_G's picture

Thanks Tony, its exactly the same configuration. Advisor, I checked the logs where I see client IP shown in the log is not matching with the TMG internal IP addresses. As per the technote, I checked the web Rule and changed "Request appear to come from" section and added ExternalIPAddresses entry with TMG IP addresses. But still while accessing OWA, it does not connect, after deleting cookies and temp internet files, I was able to connect to Search on published name. Thanks a lot, you are Doctor of EV :)

Hey ManishN, I checked the internal working of OWA with EV operations after adding that entry on web.config, it works as well, so I guess nothing to worry?

Advisor's picture

Thanks for the complements :) I glad that issue has been solved