So we have an Exchange 2010 server that has been running fine for quite a few years. We recently changed our firewall to an ASA 5510 and created all the firewall rules necessary to have email work through it. Everything works fine so naturally we thought everything was good to go.
Then I started getting messages that the Out of Office wasn't working an that when users where trying to set their away message they would get a message from outlook that the exchange server was unavailable, yet when I check the outlook client it would say Connected to Microsoft Exchange at the bottom. I thought this was crazy so I started looking further into it and it turns out that the name for the server owa.xxxxxx.net points to a public address, which of course lives on the outside interface to the ASA. In ASA world it doesn't like private space (ie. 192.168.x.x) talking to the outside interface and drops the packets, where our old firewall did not. So as a short term fix I had the users using OWA site with a internal address to set their out of office message. This worked fine until today when I rebooted the email server and started getting support calls saying that when users where selecting the To: button in a new email that once again they were getting messages saying that they were not connected to exchange, yet they once again outlook said they were. I then started playing with the host name owa.xxxxxx.net again. This time I changed the hosts file on a box and pointed the internal IP of the exchange server to that host name. Restarted the outlook client and things started to work as they should. I have played with split DNS to see if this would help so I wouldn't have to do this with every client in the network, and it was promising until I realized that we many hosts that use this domain and an external DNS server that takes care of these requests that now the internal users will never reach. Funny part is that if we take one of our laptops out side the network everything works fine as well.
So I'm guessing that some of the processes that connect Outlook to Exchange use the FQDN of the server or IP address, and that other things such as the Global Address Book and Out of Office use the External Host Name.
Any help to point these request at the Internal FQDN/IP would be great, or if someone can think of another way of dealing with this issue would be greatly appreciated.