Since I know relatively little about ISA 2004, I'm going to go out on a limb here and make some assumptions (and hope it has nothing to do with ISA). Assumption #1: I assume you're using a non-public Domain naming scheme for your company's Active Directory Domain (ie: Using xyzcorp.local instead of xyzcorp.com?) or something similar. You want to http:// to mail.xyzcorp.com/exchange instead of mail.xyzcorp.local/exchange, right? Assumption #2: If the above scenario is similar to what you've got, you're probably using someone else to host public DNS for your company's domain name (ie: Network Solutions is hosting DNS for xyzcorp.com) and, of course, you've got a DNS server for Active Directory & xyzcorp.local. If all of the above is correct, what I think you need to do is create a forward lookup zone on your Active Directory DNS servers for your public domain name. That is, create a forward lookup zone on your Active Directory DNS Servers for xyzcorp.com and add a corresponding A and MX record for mail.xyzcorp.com to have the private IP address of your mail server. You could make the mail.xyzorp.com DNS record a CNAME for mail.xyzcorp.local if you want. The main problem with this is that you have double-maintenance whenever you need to change any DNS information to make sure your internal xyzcorp.com DNS matches the zone information with whoever is hosting your public DNS. As for the RPC over HTTP question...the only ports you should need open are tcp port 80 for http and if you want to use HTTPS, tcp port 443 Hope this helps. --cm -----Original Message----- From: Falah [mailto:falah.ahmed@xxxxxxxxxxxx] Sent: Tuesday, August 16, 2005 7:48 PM To: [ExchangeList] Subject: [exchangelist] Useing OWA internaly http://www.MSExchange.org/ Hi all, Recently we have upgrade our exchange to exchange 2003, we ahve now front end and backend servers. most of our users useing OWA. If they use it form outside our LAN useing https://mail.xxx.yyy/exchange they can access it without any problems, but if they try to use the same URL to access it from our lan they can't reach it. I know that they can use the backend server URL, but this is not idle selution coz it is going to confuse the users, i want them to use one URL from both side (https://mail.xxx.yyy/exchange) is that possible? we have ISA 2004 as well. As a second issue could u please let me know which ports do I have to open on pix firewall to use RPC over HTTP. thanks Falah ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this MSEXchange.org Discussion List as: cmaher@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Report abuse to listadmin@xxxxxxxxxxxxxx