06-01-2009 02:08 PM - edited 03-11-2019 08:38 AM
Hi,
We've installed an ASA and were having issues between Outlook users on the Internet and our Exchange server behind the firewall. Outlook web access works and HTTPS is open from the Internet but when users try and set there "out of office" or look at "free busy" I see TCPReset-O in the logs on the session. From what I understand the outlook client is using RPC over HTTPS for this connection to the server. Has anyone seen this before with Outlook and Exchange through an ASA before?
Thanks.
06-02-2009 08:48 PM
If this is DCERPC there is limited support on the firewall platforms for this protocol. I'd suggest getting captures on the outside interface to try and figure out who is sending the reset packets and why.
06-03-2009 02:28 AM
I am not familiar with this but one of my colleagues worked on an ASA SSL VPN project and NTLM v2 authentication. He spent about four weeks working with Cisco developers on this issue. Despite what Cisco stated in the documentation, NTLM v2 authentication does NOT work with Cisco ASA. Because of this requirements, we decided to go with F5 Firepass SSL VPN.
Plumbis, there should be a Cisco TAC case on this issue.
06-03-2009 04:25 AM
Hi,
I do have a TAC case open but we have not been able to get it working yet. Packet captures show the client is sending the reset to the server so I'm not sure if the ASA is altering the NTLM traffic or not. I've have read a few posts referring to Web and SSL VPN issues with NTLM but we're just just coming over the Internet hitting our Exchange system without a VPN.
If we get this working I'll post the fix but I think TAC is leaning towards an application issue because the ASA is not dropping the traffic. This works fine on the LAN not going through he ASA so something is happening here.
Thanks.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: