After building our environment we had no problems making OWA work internally with Outlook Web App, but externally we always received error messages from OWA.
"Sorry, we couldn't open this presentation because we ran into a problem. Please try again."
Our external Outlook Web App is accessed via a Forefront UAG trunk, however there were no error messages on the OWA, Exchange or UAG servers indicating a problem.
We ran Wireshark packet trace on the OWA server and found that when the request for the Powerpoint web app was established externally, the OWA server tried to establish a connection to UAG. This makes sense as the Powerpoint file needs to be transferred from Outlook Web App to OWA somehow and UAG stands in its way.
The Resolution
1. Create a simple A record in the hosts file of the OWA server.The A record should be the FQDN of your UAG trunk to the internal IP address of your Outlook Web App server, a load balancer address is fine here.
In our circumstance we needed to re-issue the Exchange certificates to include the UAG FQDN in the subject alternate name of the certificate. We tried without re-issuing the certificate but received the same "Please try again." error messages as above. As you would expect the OWA server is rejecting the certificate as it doesn't contain the correct FQDN.
You also need to ensure your OWA server has network connectivity to the HTTPS port of your Outlook Web App server.
While this is a simple fix, it did take us a while to even consider trying this. Now we have lots of happy users able to preview power point and word documents externally.
I am having a similar issue with OWA and SharePoint 2013 published via UAG. I will try this method but pointing the host record to the SharePoint web frontend servers instead and see if that allows the docs to be opened when coming in externally. My concern is that we are putting in Exchange 2013 as well and if we're going to face the same problem I'm not going to be able to point the OWA server to the Outlook Web App servers as can only have one host entry for the UAG server. Seems like a bit of an issue. Do you use SharePoint with OWA via UAG?
ReplyDeleteI'm not up to the Sharepoint 2013 implementation stage yet but like your implementation, I am going to be sharing UAG for both SP and Exchange.
ReplyDeleteYou could possibly look at a different hostname for your OWA server and pointing SP or Exchange to a different hostname. That way you can point UAG to a different back end host?
Or even a secondary OWA or UAG server to resolve this problem.