Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    1.2.3 to 2.1.4 activesync/owa port 443 redirect being blocked?

    Scheduled Pinned Locked Moved NAT
    3 Posts 1 Posters 980 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lebeter
      last edited by

      the scenario is that i loaded a configuration from my existing box with 1.2.3 to another box with 2.1.0.  i updated that box to 2.1.4 after i uploaded that configuration.  Everything works fine except for my exchange activesync/owa connectivity which is broken and i don't see any default rules blocking in the logs.  So I tried inputting all the config including rules from scratch onto a 3rd box with 2.1.4 and same thing.  No dice with activesync and owa.  mail works fine otherwise on 25, just activesync and owa which uses 443.  Any ideas on what could be causing this.  Did something significant change between these versions with nat reflection or maybe something with dns?

      Any help on this would be greatly appreciated.  the 1.2.3 box needs to be replaced so trying desperately to get this done by tomorrow.  I have tried a multitude of toggles with nat reflection default options as well but who knows i'm definitely missing something.

      1 Reply Last reply Reply Quote 0
      • L
        lebeter
        last edited by

        ok so i did find that an android device required an update to the security policy, so maybe this is a certificate issue with the new mac address on the new boxes even though i gave it the same external ip?  btw i'm forwarding a Proxy ARP bound Virtual IP on the WAN port.  I have 4-5 ip's from my isp so the web/ssl ports are directed from that virtual IP.  it was setup the same way though on both boxes.

        1 Reply Last reply Reply Quote 0
        • L
          lebeter
          last edited by

          ok its a certificate issue, i had to spoof the old wan's mac address onto the new wan interface card

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.