In case with ISA, there is no direct connection between client and e-mail server. You need to install a certificate on ISA and configure it to listen on 443, then ISA establishes one session with the owa client and another with the e-mail server. With Cisco pix you have a direct connection (open 443). Check the situation with your firewall. I am not sure that cert common name has to match your external OWA FQDN. If you use a certificate for securing communication channel (you created the new web server certificate), check if you disabled integrated authentication on Exchweb, Exchange and Public virtual subdirectories on IIS and ESM. Zoran > Looks like port 443 is being blocked somewhere, despite assurances to > the contrary.... Looks like that's probably the issue here.