Advertisement

01.18.2008 at 09:31AM PST, ID: 23094023
[x]
Attachment Details
[x]
The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

  • The Grade of the Solution
  • The Zone Rank of the Expert Providing the Solution
  • The Number of Author and Expert Comments
  • The Number of Experts Contributing
  • The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!
5.6
How to change Outlook Web Access port numbers
Zones: SBS Small Business Server, Exchange Email Server
I am putting in a vpn appliance that has to use port 443 but my owa ssl port is 443.  My question is how can I change my owa port numbers?
Start your free trial to view this solution
Question Stats
Zone: OS
Question Asked By: tstech248
Solution Provided By: spyordie007
Participating Experts: 4
Solution Grade: B
Views: 212
Translate:
Loading Advertisement...
01.18.2008 at 10:16AM PST, ID: 20692732

Rank: Master

spyordie007:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.18.2008 at 10:22AM PST, ID: 20692805
tstech248:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.18.2008 at 10:27AM PST, ID: 20692845

Rank: Sage

ATIG:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.18.2008 at 10:28AM PST, ID: 20692851

Rank: Sage

RobWill:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.18.2008 at 10:44AM PST, ID: 20692997

Rank: Master

spyordie007:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.18.2008 at 10:48AM PST, ID: 20693024

Rank: Sage

ATIG:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.18.2008 at 10:57AM PST, ID: 20693077

Rank: Master

spyordie007:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.19.2008 at 12:31AM PST, ID: 20696591

Rank: Genius

TechSoEasy:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.19.2008 at 11:07AM PST, ID: 20698549

Rank: Master

spyordie007:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.19.2008 at 11:46AM PST, ID: 20698679

Rank: Genius

TechSoEasy:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.20.2008 at 11:59AM PST, ID: 20702194

Rank: Master

spyordie007:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.28.2008 at 04:27PM PST, ID: 20764338
tstech248:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.28.2008 at 04:56PM PST, ID: 20764528

Rank: Master

spyordie007:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.28.2008 at 05:16PM PST, ID: 20764614
tstech248:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.28.2008 at 05:32PM PST, ID: 20764707

Rank: Master

spyordie007:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.28.2008 at 05:42PM PST, ID: 20764773
tstech248:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.28.2008 at 05:52PM PST, ID: 20764845
tstech248:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.29.2008 at 08:57AM PST, ID: 20769686

Rank: Master

spyordie007:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
01.29.2008 at 07:26PM PST, ID: 20774405

Rank: Genius

TechSoEasy:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
 
Loading Advertisement...
Microsoft
  • Internet Protocols
  • Applications
  • Development
  • OS
  • Hardware
  • Windows Security
Apple
  • Operating Systems
  • Hardware
  • Programming
  • Networking
  • Software
Internet
  • Search Engines
  • File Sharing
  • WebTrends / Stats
  • Spy / Ad Blockers
  • Web Browsers
  • New Net Users
  • Web Development
  • Chat / IM
  • Anti Spam
  • Web Servers
  • Anti-Virus
  • Email Clients
Gamers
  • Tips
  • Online / MMORPG
  • Puzzle
  • Emulators
  • Action / Adventure
  • Role Playing
  • Consoles
  • Game Programming
  • Strategy
  • Sports
  • Misc
  • Computer Games
Digital Living
  • Hardware
  • New Net Users
  • New Users
  • Software
  • Digital Music
  • Gaming World
  • Home Security
  • Apple
  • Networking Hardware
Virus & Spyware
  • Vulnerabilities
  • IDS
  • Encryption
  • Anti-Virus
  • Operating Systems Security
  • Software Firewalls
  • WebApplications
  • Cell Phones
  • Operating Systems
  • Internet
  • Hardware Firewalls
Hardware
  • Handhelds / PDAs
  • Displays / Monitors
  • Components
  • Networking Hardware
  • Peripherals
  • Laptops/Notebooks
  • Storage
  • Servers
  • Desktops
  • New Users
  • Misc
  • Apple
Software
  • System Utilities
  • Industry Specific
  • Network Management
  • Photos / Graphics
  • Page Layout
  • VMWare
  • Misc
  • Web Development
  • OS
  • CYGWIN
  • Voice Recognition
  • Message Queue
  • Quality Assurance
  • Security
  • Firewalls
  • MultiMedia Applications
  • Development
  • Database
  • Office / Productivity
  • Business Management
  • OS/2 Apps
  • Server Software
  • Internet / Email
ITPro
  • OS
  • Storage
  • Encryption
  • Operating Systems Security
  • Apple Hardware
  • Laptops & Notebooks
  • Servers
  • Networking Hardware
  • Peripherals
  • Devices
  • Displays / Monitors
  • WebTrends / Stats
  • Search Engines
  • Firewalls
  • WebApplications
  • IDS
  • Vulnerabilities
  • Email Clients
  • File Sharing
  • Spy / Ad Blockers
  • Web Browsers
  • Web Servers
  • Networking
  • Anti-Virus
  • Chat / IM
  • Anti Spam
Developer
  • Web Servers
  • Web Browsers
  • Game Programming
  • Dev Tools
  • Industry Specific
  • Office / Productivity
  • Database
  • CYGWIN
  • Web Development
  • Search Engines
  • File Sharing
  • WebTrends / Stats
  • Programming
  • Content Management
  • Application Servers
  • Protocols
Storage
  • Removable Backup Media
  • Storage Technology
  • Servers
  • Grid
  • Remote Access
  • Backup / Restore
  • Misc
  • Hard Drives
OS
  • Miscellaneous
  • Security
  • Development
  • Linux
  • VMWare
  • MainFrame OS
  • Unix
  • Apple
  • OS / 2
  • AS / 400
  • BeOS
  • Microsoft
  • VMS / OpenVMS
Database
  • Oracle
  • Miscellaneous
  • MySQL
  • Software
  • Sybase
  • Contact Management
  • PostgreSQL
  • Data Manipulation
  • Clarion
  • InterSystems Cache
  • Siebel
  • MUMPS
  • OLAP
  • SQLBase
  • SAS
  • GIS & GPS
  • 4GL
  • Berkeley DB
  • DB2
  • Informix
  • Interbase / Firebird
  • FoxPro
  • Reporting
  • LDAP
  • Filemaker Pro
  • MS SQL Server
  • dBase
  • MS Access
Security
  • Misc
  • Web Browsers
  • Software Firewalls
  • Operating Systems Security
  • File Sharing
  • Spy / Ad Blockers
  • Vulnerabilities
  • WebApplications
  • IDS
  • Anti-Virus
  • Encryption
  • Anti Spam
  • Email Clients
  • VPN
  • Chat / IM
Programming
  • Editors IDEs
  • Installation
  • Handhelds / PDAs
  • Multimedia Programming
  • System / Kernel
  • Algorithms
  • Game
  • Signal Processing
  • Project Management
  • Open Source
  • Database
  • Misc
  • Languages
  • Processor Platforms
  • Theory
Web Development
  • Scripting
  • Blogs
  • Web Servers
  • Software
  • Search Engines
  • Web Graphics
  • Images
  • Internet Marketing
  • Images and Photos
  • Components
  • Document Imaging
  • Web Languages/Standards
  • Illustration
  • WebApplications
  • Fonts
  • WebTrends / Stats
  • Authoring
  • Digital Camera Software
  • Miscellaneous
Networking
  • Protocols
  • Apple Networking
  • Network Management
  • Message Queue
  • Application Servers
  • Content Management
  • File Servers
  • Email Servers
  • Misc
  • Java Editors & IDEs
  • Wireless
  • Networking Hardware
  • Backup / Restore
  • System Utilities
  • ISPs & Hosting
  • Web Servers
  • Storage Technology
  • Removable Backup Media
  • Servers
  • Broadband
  • Grid
  • OS / 2
  • Novell Netware
  • Unix Networking
  • Windows Networking
  • Security
  • Telecommunications
  • Operating Systems
  • Linux Networking
Other
  • Community Advisor
  • Lounge
  • Community Support
  • New Net Users
  • Philosophy / Religion
  • Math / Science
  • Miscellaneous
  • URLs
  • Expert Lounge
  • Politics
  • Puzzles / Riddles
Community Support
  • Suggestions
  • New to EE
  • New Topics
  • Community Advisor
  • CleanUp
  • Announcements
  • General
  • Feedback
  • Input
  • EE Bugs
 
01.18.2008 at 10:16AM PST, ID: 20692732

Rank: Master

spyordie007:
You can bring up the IIS manager and select the website you're using for OWA (presumably "Default Web Site").

Under the properties note the SSL port number field (right now it will be set to 443).  Just change that to whatever port you want it to run on.

NOTE: You may need to adjust your firewall settings to allow the new connection, this may include ISA if it's SBS Premium.
 
01.18.2008 at 10:22AM PST, ID: 20692805
tstech248:
I am almost certain that is not the way to do it.  I have tried that numerous times also.
 
01.18.2008 at 10:27AM PST, ID: 20692845

Rank: Sage

ATIG:
you can change the OWA port or get an additional IP so they both can use 443
 
01.18.2008 at 10:28AM PST, ID: 20692851

Rank: Sage

RobWill:
To the best of my knowledge an SSL connection has to be over port 443. You may be able to share that port, but I don't believe you can change it. Some services can only run on one port.
 
01.18.2008 at 10:44AM PST, ID: 20692997

Rank: Master

spyordie007:
Thanks for the correction, you're right in that you cannot change it through IIS.  However I'm pretty sure you can still change it using ESM if you create a new site and than there is a trick to getting the site created on a non-standard SSL port:
http://support.microsoft.com/?kbid=904785

You'll still have to create the mailbox virtual directories (i.e. /exchange) but it should be possible.  I think I did it once in the lab several years back.

If you cant tell it's been a while since I've had to do much messing with legacy Exchange web sites ;)

Erik
 
01.18.2008 at 10:48AM PST, ID: 20693024

Rank: Sage

ATIG:
SSL connect can be on any port number you want the user would just have to add that the url ie https://mydomain.com/exchange:56789

I dont know how SBS may do it but you can change port in IIS or the ips bindings...
 
01.18.2008 at 10:57AM PST, ID: 20693077

Rank: Master

spyordie007:
Okay I have just confirmed that it is possible on one of my Exchange 2003 servers (though not SBS, although it should work the same):

1. In ESM Create a new HTTP Virtual Server and use the default port settings (I used gibberish for the host so it wouldnt interfere with the default site)
2. Edit the newly created HTTP virtual server and add a new 'identity'; delete the port 80 reference and the SSL field will no longer be greyed out, put in the new HTTPS port you wish to use (see MSFT KB 904785)
3. On the newly created HTTP Virtual Server create a new Virtual Directory named "Exchange" and specify 'Mailboxes for SMTP domain'
4. If you want to use FBA edit the HTTP Virtual Server now to specify
5. In the IIS Manager MSC edit your newly created site.  Under Directory Security>Server Certificate specify (or create) the certificate that you want to use
6. Reset IIS (iisreset /noforce)
7. Test using the new port

The additional step you will need to take to free up 443 would be to use the IIS Manager to edit the default web site and remove the SSL Identity on 443.

Cheers,
Erik
Accepted Solution
 
01.19.2008 at 12:31AM PST, ID: 20696591

Rank: Genius

TechSoEasy:
On an SBS you CANNOT change OWA's port number from 443.  If you do, you'll break a number of other SBS-based services.

spyordie007.... it's NEVER a good idea to assume that what works elsewhere "should work the same" on an SBS.  Elsewhere, you would never combine all the features and services included on an SBS... so SBS must remain with certain settings in order to not have conflicts and keep secure.

tstech248... if you need to use port 443 for your VPN appliance, you need to use a separate EXTERNAL Static IP Address for that device.  That's the only way to accommodate it.

Jeff
TechSoEasy
 
01.19.2008 at 11:07AM PST, ID: 20698549

Rank: Master

spyordie007:
Jeff-

Generally I'd agree with you, you should be very cautious when modifying any of the SBS components, because they are so highly integrated.

The changes that I've outlined creates an additional Virtual Server in IIS that runs in parallel to the existing ones created by SBS, the *only* actual modification of the SBS components is to remove 443 from IIS to free up the port.  Yes there are some caveats here in that the remote web workplace and other SSL protected virtual directories will no longer function, but they could be easily enabled again if this is a problem.

I also agree that the best option is to use a separate external IP for the SSL VPN device; however if that is not an option the steps I've outlined would accomplish the request and be supportable (again because we're not really editing much of the SBS components, the new site would run in parallel).

As always the usual disclaimer applies, tstech if you dont feel comfortable making any of these changes please DO NOT make any changes.

Erik
 
01.19.2008 at 11:46AM PST, ID: 20698679

Rank: Genius

TechSoEasy:
"Yes there are some caveats here in that the remote web workplace and other SSL protected virtual directories will no longer function"

Those are BIG caveats... and should have been mentioned in your initial comments.  But it's more than RWW, which tstech248 may not even be familiar with because that could possibly eliminate the need for this VPN appliance anyhow.  How much more than RWW?  You would essentially lose EVERY tool that SBS offers to ensure that management, maintenance and security are handled with the least amount of effort and lowest costs.

The SBSFLT.dll ISAPI Filter would be almost useless, and in fact, could cause problems for internal sites such as monitoring and reporting and backup.  If a component became corrupt (and we all know that happens from time to time) reinstalling it might not be possible without reverting back to the original 443 configuration first.

So if any of these things occur, it may not be so simple to just put 443 back on the default web site since the damange may already have been done.

We agree on what the best option would be (separate external IP) if this VPN applianance is deployed... but the real question should be, "why deploy something that's incompatible with SBS in the first place, if there are other valid methods to achieve the desired result?"  I would look at alternatives to this VPN appliance before suggesting a fundamental change to SBS's IIS structure.

Jeff
TechSoEasy




 
01.20.2008 at 11:59AM PST, ID: 20702194

Rank: Master

spyordie007:
So the thought occurs to me, perhaps we're making this out to be more complicated than it needs to be.

What are you using for an internet firewall?  Can you just change the port-forwarding on it to forward your non-standard SSL port back to 443 on the server and the standard port back to your SSL VPN appliance?

That way you could leave the SBS server alone, no changes required ;)

Erik
 
01.28.2008 at 04:27PM PST, ID: 20764338
tstech248:
Not sure what you mean by that but my internet firewall is a Linksys RVS4000.  Can you describe more?
 
01.28.2008 at 04:56PM PST, ID: 20764528

Rank: Master

spyordie007:
According to the Linksys users guide (I've never used one) you can specify external and internal ports when setting up the port forwarding; you could just set 443 as the internal port and than something else as the external port (thereby freeing up that port on the outside to FWD to your SSL VPN appliance.
 
01.28.2008 at 05:16PM PST, ID: 20764614
tstech248:
Lets say I set the external to 555.  What would I have to type in externally to get to OWA?  I hope you are on to something here!
 
01.28.2008 at 05:32PM PST, ID: 20764707

Rank: Master

spyordie007:
yes, in that case it would be:
https://your.url.com:555/exchange
In order to get to OWA.
 
01.28.2008 at 05:42PM PST, ID: 20764773
tstech248:
But I would still have to make changes to Exchange in order to make this work right?
 
01.28.2008 at 05:52PM PST, ID: 20764845
tstech248:
Also I was just thinking how would the router know to route traffic destined for the vpn box to that and owa traffic to the exchange box?
 
01.29.2008 at 08:57AM PST, ID: 20769686

Rank: Master

spyordie007:
You would not need to many any changes to Exchange.

In the router forward port 443 to 443 on the SSL VPN Appliance and port 555 to 443 on SBS.
 
01.29.2008 at 07:26PM PST, ID: 20774405

Rank: Genius

TechSoEasy:
Here's the sceen shot:
 
linksys-vpnports.jpg (57 KB) (File Type Details) 
RVS4000
RVS4000
 
 
 
20080236-EE-VQP-29 / EE_QW_2_20070628