Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
peterl
New Contributor

OWA not accessible

I have a small block of public IPs for various servers I host. Configured Static NAT for them and while some things are working, others are not, on the exact same server. Configured NAT (aka Virtual IP) and policies for my onsite Exchange server. While SMTP (TCP 25) works and I can access that service from a specific external IP, OWA is not accessible from that same IP or any others since the OWA policy is open to all. The SMTP policy is tied to a few FROM addresses to allow traffic on port 25. OWA policy allows 80 & 443 from ALL. Such a basic config duplicated from old firewall that I had to revert to for now since that one works. What am I missing?

3 REPLIES 3
peterl
New Contributor

It's interesting because the browser gets the SSL cert and verifies it, just nothing is displayed on the page so basically there is a blank but secure https page. So at least half of the communication is working? Switching the firewalls out, the page loads just fine in the same browser.

marchand
New Contributor III

Have you changed the standard administration ports for http and https? Maybe they overlap with the owa port

peterl

No, I have not. I did see the warning "Port conflicts with the SSL-VPN port setting" but made nothing of that since I do not yet have VPN configured, although that will be the next step. Nor did I think this would affect port forwarding since OWA/Exchange server has its own public IP and 1-to-1 NAT. So I can't port-forward 443 to any of the other IPs? That kind of defeats the purpose of having multiple IPs if you can only use each port on ONE IP. I'm sure I'm misunderstanding something?