fi8224
asked on
Outlook Web Access is blocked by ISP
My ISP blocks incoming http port 80. I have a cable modem that gives a dynamic IP address to my Sonicwall firewall. I also have a few Wintel servers behind the firewall, one of which I would like to get Outlook Web Access to work on. I depend upon port redirection to get the different services to work. I would also like to advertise a web page, but I'll work on that problem after this one. I have an external DNS service that can do DNS port redirection. But I can't seem to get what I want to do to work on the server end. The firewall has redirected port 8080 to the correct server.
Now for the question. How do I get OWA to use a different port? I woulld like to use port 8080 for the Outlook web access page.
Rob
Now for the question. How do I get OWA to use a different port? I woulld like to use port 8080 for the Outlook web access page.
Rob
ASKER
I've tried that. I would type in just the "remote.domainname.com" but it wasn't automatically filling http:// in the web browser. Duh... Still can't get the page to open up outside of the network though.
I must be have some kind of firewall issue because while I can resolve the web page for exchange internally and externally, I can only open the page internally. Externally it times out. When I say resolves, I can see the web page trying to go to the correct ip address and port number. The page just sort of gives up trying to open.
Any ideas on how to check if its a firewall issue or not.? Because I'm using a cable modem with a dynamic ip address, its not feasable to try the connection with out the firewall.
I must be have some kind of firewall issue because while I can resolve the web page for exchange internally and externally, I can only open the page internally. Externally it times out. When I say resolves, I can see the web page trying to go to the correct ip address and port number. The page just sort of gives up trying to open.
Any ideas on how to check if its a firewall issue or not.? Because I'm using a cable modem with a dynamic ip address, its not feasable to try the connection with out the firewall.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I've noticed in other posts that people seem to have some confusion about DNS port redirection. Let me clear this up. It is possible to have a DNS provider, like www.easydns.com, to port direct a dns query. This helps for situations where the desired port is blocked for what ever reason. In my case port 80 is blocked and out of my control. So I have the DNS provider redirect my domain name to port 8080. When I ping remote.domainname.com, it wont resolve because its only going to port 8080. When I try to go to the web page from a workstation outside of my network, which I can do from a client's server using terminal services, I can see the browser resolve the name http://remote.rob-tec.com to 67.86.166.12:8080. That tells me that that part of the configuration is working correctly.
I can't however get the web page to open. So something else is the problem.
I can open the web page internal to my network when I type the http://internal ip address:8080 in my browser. That tells me that I have the "default web site" configured to use port 8080 correctly.
My only guess is that some how the firewall is screwing things up. Even though I'm clearly redirecting port 8080 for tcp,6, to the internal ip address of the server or that somehow I don't have the security settings on the website set correctly.
Does anyone know what the correct settings should be to allow proper access from the outside.
I can't however get the web page to open. So something else is the problem.
I can open the web page internal to my network when I type the http://internal ip address:8080 in my browser. That tells me that I have the "default web site" configured to use port 8080 correctly.
My only guess is that some how the firewall is screwing things up. Even though I'm clearly redirecting port 8080 for tcp,6, to the internal ip address of the server or that somehow I don't have the security settings on the website set correctly.
Does anyone know what the correct settings should be to allow proper access from the outside.
you have some other issues going on,,,,
i just did an NSLOOKUP on remote.rob-tec.com and it resolved to 216.220.40.244 from web.fwd.easynds.com
but if i typed in http://remote.rob-tec.com/ in IE you can see that it is attempting to open 67.86.166.12:8080 just like you said,,, would seems like it would work,, but i still get a page cannot be displayed error......
even it i type in http://67.86.166.12:8080 directly,, i still get a page cannot be displayed error,,, which means you have at least 2 proplems,,,,
1. http://67.86.166.12:8080 isn't getting to your webserver like it should... my guess is your router isn't forwarding it correctly. what is probably happening is your router is set up to forward anything looking for http://67.86.166.12 to port 8080 , but the fact that port 8080 is already attached to the end is messing it up. what kind of router do you have?
2. for whatever reason,,, and i dont know why,,, you are getting two different IPs when you try to resolve http://remote.rob-tec.com/... i am getting http://67.86.166.12:8080 and 216.220.40.244 depending on which method i do the lookup.
i just did an NSLOOKUP on remote.rob-tec.com and it resolved to 216.220.40.244 from web.fwd.easynds.com
but if i typed in http://remote.rob-tec.com/ in IE you can see that it is attempting to open 67.86.166.12:8080 just like you said,,, would seems like it would work,, but i still get a page cannot be displayed error......
even it i type in http://67.86.166.12:8080 directly,, i still get a page cannot be displayed error,,, which means you have at least 2 proplems,,,,
1. http://67.86.166.12:8080 isn't getting to your webserver like it should... my guess is your router isn't forwarding it correctly. what is probably happening is your router is set up to forward anything looking for http://67.86.166.12 to port 8080 , but the fact that port 8080 is already attached to the end is messing it up. what kind of router do you have?
2. for whatever reason,,, and i dont know why,,, you are getting two different IPs when you try to resolve http://remote.rob-tec.com/... i am getting http://67.86.166.12:8080 and 216.220.40.244 depending on which method i do the lookup.
ASKER
My dns service is easydns.com. They are a great service, easy to configure and make changes via the web. I use them for many clients. The 216.220.40.244 is one of their servers. I have email bagging set up. Irrespective of the dns info, if you enter the ip address:8080, should get to the web page. But you don't. It errors out. I have a feeling that the isp may be actually filtering out port 8080 as a proxy port. So I'm going to try changing the port to something different. I will advise what it is when I do.
PS: this is a great interface for tech support. I value each and every response.
Rob
PS: this is a great interface for tech support. I value each and every response.
Rob
ASKER
I found that my isp was also blocking port 8080. I changed the port thanks for your inputs.
shailendra_patankar identifed the problem, and I answered the first question :-)
Split between the two of us?
Split between the two of us?
ASKER
You guys were right. You definately had me on the right track. I ended up finding a port that wasn't blocked by the ISP and then doing dns port redirection with an online dns service. The one I used and use for a number of clients is www.dns.com. A great service for 20.00 a year.
ASKER
excuse the error, I meant to say www.easydns.com
Ta for the update, who was the ISP out of curiosity?
ASKER
Cablevision
Open up ISM, find the (usually the default web site)OWA site, right click on properties and change port 80 to port 8080.
That's it.