Hi all, I know there are various threads on this subject (I have been reading them all for weeks). I have nearly cracked this and was wondering if anyone here knew the answer to my problem. The situation is as follows: We have an Exchange 2000 server sitting nice and safe inside our firewall with no external email access via any protocol. My boss asked if I could allow Outlook Web Access from the outside, so, knowing the security issues with this I thought "I'll just route it over an encrypting proxy". That was 2 weeks ago and I still can't get the damn thing to work for all users! It works, but only for users with admin privialages. Other users just get endlessly repeating login prompts. Before you all shout - "thats an Exchange / IIS issue and your proxy is working", I'll add that internally (ie: not through the proxy) OWA works for all users. So something is not getting properly proxied... I am sure this is a *feature* of OWA to prevent people using this kind of setup, but I just thought I would throw it out there to see if anyone had come across this particular issue. I include my proxy virtual host setup (note all the commented out attempts at different config): ------------------------------------------------------------------ NameVirtualHost 1.1.1.1 <VirtualHost 1.1.1.1> ServerAdmin webmaster@xxxxxxxxxxxx ServerName webmail.nodomain.com DocumentRoot /var/www/ RequestHeader set Front-End-Https "On" Header unset "WWW-Authenticate: NTLM" Header add WWW-Authenticate "Basic realm=mymailserver.nodomain.com" SSLEngine On SSLCertificateFile /etc/apache2/ssl/myproxyserver.cert.cert SSLCertificateKeyFile /etc/apache2/ssl/myproxyserver.cert.key # Set up this thing as a proxy for mymailserver's OWA ProxyRequests Off ProxyPreserveHost On <Proxy *> Order deny,allow Allow from all </Proxy> <Location /exchange> ProxyPass http://mymailserver.nodomain.com/exchange ProxyPassReverse http://mymailserver.nodomain.com/exchange # SSLRequireSSL </Location> <Location /exchweb> ProxyPass http://mymailserver.nodomain.com/exchweb ProxyPassReverse http://mymailserver.nodomain.com/exchweb # SSLRequireSSL </Location> <Location /public> ProxyPass http://mymailserver.nodomain.com/public ProxyPassReverse http://mymailserver.nodomain.com/public # SSLRequireSSL </Location> # ProxyPass / http://mymailserver/Exchange/ # ProxyPassReverse / http://mymailserver/Exchange/ # SetEnv force-proxy-request-1.0 1 # SetEnv proxy-nokeepalive 1 # ProxyPass /Exchange/ http://mymailserver.nodomain.com/Exchange/ # ProxyPassReverse /Exchange/ http://mymailserver.nodomain.com/Exchange/ # ProxyPass /exchweb/ http://mymailserver.nodomain.com/exchweb/ # ProxyPassReverse /exchweb/ http://mymailserver.nodomain.com/exchweb/ # ProxyPass /public/ http://mymailserver.nodomain.com/public/ # ProxyPassReverse /public/ http://mymailserver.nodomain.com/public/ <Directory /var/www/> Order allow,deny allow from all RedirectMatch ^/$ /exchange </Directory> ErrorLog /var/log/apache2/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/access.log combined ServerSignature On </VirtualHost> ------------------------------------------------------------------ I have also been fiddling with all the IIS / Exchange directory permissions and authentication settings - leaving them as wide open as possible, but it doesn't seem to have any effect! Thanks in advance, Dan --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx