SMA 100 Exchange Portal
Hi,
Wondering if anyone can help with the configuration of Exchange 2019 services behind a Sonicwall SMA 100 device.
I am running an SMA 100 device with an NSA 3650. When following the 'Offload Web Application' wizard on the SMA, following the guide on Sonicwall Support for setting up exchange services via the SMA device, ActiveSync, OWA and Outlook Anywhere it doesn't work.
Tweaking the portal that the wizard creates I can get ActiveSync and OWA to work but not Outlook Anywhere.
If I remove the SMA device from the setup and go directly to the Exchange server from the NSA 3650 everything works correctly so something is misconfigured between the SMA and Exchange.
My guess here is the settings on Exchange are not what the SMA device is expecting, which is why the wizard isn't working and why I can only get a few services working after tweaking.
Does anyone know what settings I should have on the Exchange Virtual Directories for it to work with the SMA device? I can't find anything that details what these should be and I think this is the problem.
Thanks.
Answers
HI @B4zza, did you add the autodiscover address as the Alias in the portal ? do you have WAFS enabled on the portal ? if you set the logs to debug is it showing anything in the Logs either in the WAFS logs or main logs? you are best checking the logs in both Classic and Contemporary
Hi @preston,
Thank you for your response.
Yes, I added the autodiscover address to the Alias in the portal.
Yes, WAF is enabled. I have followed this https://www.sonicwall.com/support/knowledge-base/outlook-client-authentication-fails-for-an-offloaded-exchange-portal-with-autodiscover-on-when-waf-is-enabled/190608213150279/ to make sure that wasn't the problem.
I have checked the logs and I can't see anything that is a problem, even after switching to debug mode. When testing the connection, I see it authenticating, and the requests for different Exchange Virtual Directories being reported fine as 'HTTPS Offloaded Connection (Outlook Access)'
The error I see when using testconnectivity.microsoft.com is
I have tested MAPI with Test-OutlookConnectivity -RunFromServerId xxxxxxx -ProbeIdentity OutlookMapiHttpSelfTestProbe and it succeded.
I have checked the global config settings for Exchange to make sure that MAPI is enabled and it is.
Like I said, if I remove the SMA from the equation and go directly to the Exchange Server, OWA, ActiveSync and Outlook work fine.
At a loss to what is misconfigured. I will try Sonicwall support on Monday again, hopefully, I won't be given the same KB articles on how to configure an Offloading Web Application for Exchange Services
Thanks
HI @B4zza , you didn't mention if you tried without WAFS enabled ? does your servers event logs show anything extra when trying to connect and it is failing?
@preston sorry I have tried it without the WAFS enabled, still the same.
I have decided to admit defeat here and just remove the SMA from the equation for now.
We will be moving our email to Exchange online soon, it would have been nice having the added layer of security from the SMA until then but it is just not working.