Avatar of fi8224
fi8224 asked on

Outlook Web Access is blocked by ISP

My ISP blocks incoming http port 80. I have a cable modem that gives a dynamic IP address to my Sonicwall firewall. I also have a few Wintel servers behind the firewall, one of which I would like to get Outlook Web Access to work on. I depend upon port redirection to get the different services to work. I would also like to advertise a web page, but I'll work on that problem after this one. I have an external DNS service that can do DNS port redirection. But I can't seem to get what I want to do to work on the server end. The firewall has redirected port 8080 to the correct server.
Now for the question. How do I get OWA to use a different port?  I woulld like to use port 8080 for the Outlook web access page.
Rob
Windows 2000

Avatar of undefined
Last Comment
fi8224

8/22/2022 - Mon
What90

Hi fi8224,

Open up ISM, find the (usually the default web site)OWA site, right click on properties and change port 80 to port 8080.

That's it.

ASKER
fi8224

I've tried that. I would type in just the "remote.domainname.com" but it wasn't automatically filling http:// in the web browser. Duh... Still can't get the page to open up outside of the network though.
I must be have some kind of firewall issue because while I can resolve the web page for exchange internally and externally, I can only open the page internally. Externally it times out. When I say resolves, I can see the web page trying to go to the correct ip address and port number. The page just sort of gives up trying to open.
Any ideas on how to check if its a firewall issue or not.? Because I'm using a cable modem with a dynamic ip address, its not feasable to try the connection with out the firewall.
ASKER CERTIFIED SOLUTION
What90

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
fi8224

I've noticed in other posts that people seem to have some confusion about DNS port redirection. Let me clear this up. It is possible to have a DNS provider, like www.easydns.com, to port direct a dns query. This helps for situations where the desired port is blocked for what ever reason. In my case port 80 is blocked and out of my control. So I have the DNS provider redirect my domain name to port 8080. When I ping remote.domainname.com, it wont resolve because its only going to port 8080. When I try to go to the web page from a workstation outside of my network, which I can do from a client's server using terminal services, I can see the browser resolve the name http://remote.rob-tec.com to 67.86.166.12:8080. That tells me that that part of the configuration is working correctly.
I can't however get the web page to open. So something else is the problem.
I can open the web page internal to my network when I type the http://internal ip address:8080 in my browser. That tells me that I have the "default web site" configured to use port 8080 correctly.
My only guess is that some how the firewall is screwing things up. Even though I'm clearly redirecting port 8080 for tcp,6, to the internal ip address of the server or that somehow I don't have the security settings on the website set correctly.
Does anyone know what the correct settings should be to allow proper access from the outside.
Your help has saved me hundreds of hours of internet surfing.
fblack61
mikeleebrla

you have some other issues going on,,,,

i just did an NSLOOKUP on remote.rob-tec.com and it resolved to 216.220.40.244 from web.fwd.easynds.com

but if i typed in http://remote.rob-tec.com/ in IE you can see that it is attempting to open 67.86.166.12:8080 just like you said,,, would seems like it would work,, but i still get a page cannot be displayed error......

even it i type in http://67.86.166.12:8080 directly,, i still get a page cannot be displayed error,,, which means you have at least 2 proplems,,,,

1. http://67.86.166.12:8080 isn't getting to your webserver like it should... my guess is your router isn't forwarding it correctly. what is probably happening is your router is set up to forward anything looking for http://67.86.166.12 to port 8080 , but the fact that port 8080 is already attached to the end is messing it up. what kind of router do you have?

2.  for whatever reason,,, and i dont know why,,, you are getting two different IPs when you try to resolve http://remote.rob-tec.com/... i am getting  http://67.86.166.12:8080 and 216.220.40.244  depending on which method i do the lookup.
ASKER
fi8224

My dns service is easydns.com. They are a great service, easy to configure and make changes via the web. I use them for many clients. The 216.220.40.244 is one of their servers. I have email bagging set up. Irrespective of the dns info, if you enter the ip address:8080, should get to the web page. But you don't. It errors out. I have a feeling that the isp may be actually filtering out port 8080 as a proxy port. So I'm going to try changing the port to something different. I will advise what it is when I do.
PS: this is a great interface for tech support. I value each and every response.
Rob
ASKER
fi8224

I found that my isp was also blocking port 8080. I changed the port thanks for your inputs.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
What90

shailendra_patankar identifed the problem, and I answered the first question :-)

Split between the two of us?
ASKER
fi8224

You guys were right. You definately had me on the right track. I ended up finding a port that wasn't blocked by the ISP and then doing dns port redirection with an online dns service. The one I used and use for a number of clients is www.dns.com. A great service for 20.00 a year.
ASKER
fi8224

excuse the error, I meant to say www.easydns.com
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
What90

Ta for the update, who was the ISP out of curiosity?
ASKER
fi8224

Cablevision