Can't open Owa FQDN from machine/phone outside domain

Andre g 6 Reputation points
2024-02-05T19:28:39.3266667+00:00

DNS resolves correctly, to internal ip, and connects to https://192.168.x.x/owa but if I use the mail server public name I can't connect at all ! ERR_CONNECTION_TIMED_OUT with Edge/Chrome Incognito or not. And that's from the same subnet, in a machine not joined to the .local domain, either in a virtual machine or in wifi ! Ok from other subnet in site/to/site vpn though! If I join the Windows machine to the domain I get connected immediately even before rebooting. But this is not possible for Android and IOS phones. No problems with Outlook autodiscover.

Exchange Server
Exchange Server
A family of Microsoft client/server messaging and collaboration software.
1,251 questions
0 comments No comments
{count} votes

4 answers

Sort by: Most helpful
  1. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.


    Comments have been turned off. Learn more

  2. Kael Yao-MSFT 37,711 Reputation points Microsoft Vendor
    2024-02-06T01:29:40.4233333+00:00

    Hi @Andre g,

    DNS resolves correctly, to internal ip

    but if I use the mail server public name I can't connect at all

    Can you share some more details on your DNS settings?

    If your mail server public name is mail.contoso.com, you need a A or CNAME record to point mail.contoso.com to the internal ip of Exchange.


    If the client device which is having the issue is not domain-joined, is it using the same DNS server in your internal network as other domain-joined ones?

    If it is using another DNS server, you need to make sure mail.contoso.com can be resolved correctly on that server.

    (And if it is a public DNS server, you need to point mail.contoso.com to the public ip address of Exchange or firewalls in front of it)


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".  Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  3. Andre g 6 Reputation points
    2024-02-07T09:40:42.0933333+00:00

    Phones are not resolving internal IP, but external, strangely. They work on Activesync but cannot access /owa. (we have loopback on sonicwall firewall) Tcp test fails on fqnd (external ip) but ok using internal ip (portDroid). I am not sure how it gets connected to ActiveSync. I just tried from Outlook app in wifi.

    But Windows machines resolve internal ip of the Exchange server using the same public mail server fqdn (eg:outlook.contoso.com set in split dns in our dc), the same in the certificate and antispam lookups. Test-NetConnection outlook.contoso.com -port 443 TcpTestSucceeded : True


  4. Andre g 6 Reputation points
    2024-02-21T22:41:19.5133333+00:00

    Anybody? Do I need open a ticket at ms support ?

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.