Hi there, Our ISA server died around a month ago so we replaced it with a new TMG server. Exchange appeared to be running fine until late last week and now it only runs normally internally / while also connected via VPN. Around this time our wildcard cert was replaced with a new one (which has different private key) and this replacement seems to be applied to exchange correctly (shows new freindly name in IIS > RpcWithCert site> properties> certificate). I'm not sure if anything else has been changed, and I don't think we had SRV setup when it was working before Running the www.testexchangeconnectivity.com tool externally / disconnected from VPN gives the below output which failed on all 5x tests. Where would be the best place to start troubleshooting this? ExRCA is attempting to test Autodiscover for ouruser@ourdomain.com. Testing Autodiscover failed. Test Steps Attempting each method of contacting the Autodiscover service. The Autodiscover service couldn't be contacted successfully by any method. Test Steps Attempting to test potential Autodiscover URL https://ourdomain.com/AutoDiscover/AutoDiscover.xml Testing of this potential Autodiscover URL failed. Test Steps Attempting to resolve the host name ourdomain.com in DNS. The host name resolved successfully. Additional Details IP addresses returned: 60.234.64.106 Testing TCP port 443 on host ourdomain.com to ensure it's listening and open. The specified port is either blocked, not listening, or not producing the expected response. Additional Details A network error occurred while communicating with the remote host. Exception details: Message: No connection could be made because the target machine actively refused it 60.234.64.106:443 Type: System.Net.Sockets.SocketException Stack trace: at System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port) at Microsoft.Exchange.Tools.ExRca.Tests.TcpPortTest.PerformTestReally() Attempting to test potential Autodiscover URL https://autodiscover.ourdomain.com/AutoDiscover/AutoDiscover.xml Testing of this potential Autodiscover URL failed. Test Steps Attempting to resolve the host name autodiscover.ourdomain.com in DNS. The host name couldn't be resolved. Additional Details Host autodiscover.ourdomain.com couldn't be resolved in DNS Exception details: Message: The requested name is valid, but no data of the requested type was found Type: System.Net.Sockets.SocketException Stack trace: at System.Net.Dns.GetAddrInfo(String name) at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6) at System.Net.Dns.GetHostAddresses(String hostNameOrAddress) at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally() . Attempting to contact the Autodiscover service using the HTTP redirect method. The attempt to contact Autodiscover using the HTTP Redirect method failed. Test Steps Attempting to resolve the host name autodiscover.ourdomain.com in DNS. The host name couldn't be resolved. Additional Details Host autodiscover.ourdomain.com couldn't be resolved in DNS Exception details: Message: The requested name is valid, but no data of the requested type was found Type: System.Net.Sockets.SocketException Stack trace: at System.Net.Dns.GetAddrInfo(String name) at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6) at System.Net.Dns.GetHostAddresses(String hostNameOrAddress) at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally() . Attempting to contact the Autodiscover service using the DNS SRV redirect method. ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method. Test Steps Attempting to locate SRV record _autodiscover._tcp.ourdomain.com in DNS. The Autodiscover SRV record wasn't found in DNS.

On Mon, 30 May 2011 21:17:57 +0000, JeremyA6 wrote: > > >Hi there, > >Our ISA server died around a month ago so we replaced it with a new TMG server. Exchange appeared to be running fine until late last week and now it only runs normally internally / while also connected via VPN. Around this time our wildcard cert was replaced with a new one (which has different private key) and this replacement seems to be applied to exchange correctly (shows new freindly name in IIS > RpcWithCert site> properties> certificate). I'm not sure if anything else has been changed, and I don't think we had SRV setup when it was working before > >Running the www.testexchangeconnectivity.com tool externally / disconnected from VPN gives the below output which failed on all 5x tests. Where would be the best place to start troubleshooting this? > > ExRCA is attempting to test Autodiscover for ouruser@ourdomain.com. Testing Autodiscover failed. > >Test Steps > >Attempting each method of contacting the Autodiscover service. > The Autodiscover service couldn't be contacted successfully by any method. > >Test Steps > >Attempting to test potential Autodiscover URL https://ourdomain.com/AutoDiscover/AutoDiscover.xml > > Testing of this potential Autodiscover URL failed. > >Test Steps > >Attempting to resolve the host name ourdomain.com in DNS. > The host name resolved successfully. > >Additional Details > IP addresses returned: 60.234.64.106 > > >Testing TCP port 443 on host ourdomain.com to ensure it's listening and open. > The specified port is either blocked, not listening, or not producing the expected response. I don't thinkthis has anything to do with your certificate. The IP address is listening on port 80. It's not listening on port 443. The IP address PTR record returns mail dot xmail dot co dot nz. There's no A record for autodiscover dot xmail dot co dot nz. And your domain probably isn't "ourdomain.com". So, unless you're goint to state whatr your domain name is, the assumption has to be that you've simply neglected to publish the autodiscover dot xmail dot co dot nz rule in TMZ and the associated A record in your DNS. If that's not the case, then you've neglected to publish the xmail dot co dot nz / autodiscover URL in TMZ. Either way, there's "nobody home" to answer the door when somone knocks on 60.234.64.106:443. --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP