Solved

Need help with OWA, Remote, Exchange Small Business server 2003 R2 Premium w/ ISA 2004

Posted on 2007-07-20
Last Modified: 2012-05-05
I just recently purchased a server with Small Business Server 2003 R2 Premium with ISA 2004 on it and I am having trouble getting the internet features working right.  This is the only server and I guess the setup would be typical for a small business.  I do have 3 NICs installed, but I can't get things working with just 2 of them.  If I could set it up as a 3-leg perimeter I want to do that even though all the services are in that one box.  I will settle for it working with just two NICs if someone could help me out.

I have one NIC for External and one for the LAN.  I have run the Internet connection wizard multiple times, and I have been able to get access to the internet from the client and server.  It seemed to have set up a lot of the ISA routes and rules too.  Windows updates seem to work as well.  My first big problem is I cannot access OWA or Remote webservice from the Internet.  Locally both sites work fine.  I have registered the correct MX record with the domain registrar as well.  I also have purchased a server certificate from a trusted authority too.  What do I need to check and make sure I have set right for the web request to pass through ISA and on to IIS?  Using SSL as well, I suppose.  Do I need to set up an A host record as well with my domain registrar?

My second big issue is with Exchange server 2003.  I have somehow got it partially working.  I have been able to receive email, but I haven't been able to send to a good bit of domains.  AOL, peoplepc, and even hotmail have kicked back emails.  Someone tried sending an email through the web interface of their peoplepc account and it kicked back saying couldn't start TLS.  Sending and receiving emails at this point seems random.  I am new to all of this and using a "smart host" seems like a good idea in case our server goes down that we can still get our emails.  I just don't really know what all is involved in setting that up.  I have added my current mail server as a smart host and even tried the mail server with my ISP, but I can't be sure it is doing anything.  If anything I am guessing Exchange was sending my emails to those servers for DNS queries.  Is there anyone who could baby-step me through all of this setup?

In conclusion, I need OWA and Remote web services running over the internet.  I also need Exchange set up to send email without getting kicked back.  I would like to use a smart host in case my server is down or if I need it to make emails get to people on AOL etc.  I may also need to expose another webservice, but hopefully if the OWA and remote services work that will work just as easily.  Maybe DNS config problems? Or ISA issues?

Any help will be appreciated.  I am new to the server business and to this site, so bear with me.
0
Question by:squashie8
8 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 19534581
No offence but there are a number of questions here and none of them small, as suggested by your comments that you are new to the topic. SBS uses wizards mainly for all of its configurations but this is in the expectation that you have two network cards - not three. The third will cause confusion for you if you run the wizards up as normal, especially for the ISA Server.

I would strongly suggest that before you do anything you make sure you have an image or full system backup of your server before you start. Some of the things we may ask you to do could be dire if you get them wrong or if we misunderstand your needs. If your level of knowledge is small (new product, new site etc), you could cause real grief for yourself.

Keith
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 2000 total points
ID: 19534817
Let's just focus on the Network Configuration.  You need to only have TWO NICs installed when you initially configure your server... the CEICW will not work properly with three NICs installed.  After you run the CEICW you can reinstall/re-enable the third NIC and configure it manually.  (although I don't really understand why you want this).

You also don't have to set up ANY rules in ISA server.  This is all done by the CEICW when it runs successfully.

Overall... you are thinking about this entire project with an Enterprise Server mindset... you need to forget about all of that and deploy and configure the SBS according to its documentation.  You'll find that at http://sbsurl.com/start and http://sbsurl.com/start2 (for the R2 parts).  At this point you may be better off doing a full reinstall rather than trying to fix the installation you've now created.  Because if you follow the docs... it's really a fairly simple process.

If there is anything you don't like about the standard default configuration... wait until you at least get to that point before you start making changes.  That way you will at least have a functional network to start from!

Review this document as well:  http://sbsurl.com/itpro

Jeff
TechSoEasy
0
 

Author Comment

by:squashie8
ID: 19535597
I appreciate the advice, but I don't think re-installing would be necessary and that would pose other problems with reconfiguring the RAID, which I have never done before.  Most anything I have turned on I have turned back off if it didn't fix my problem.  I'm guessing my main problem lies between an ISA configuration issue and/or a DNS problem.  Since I can use the internet etc I'm guessing it is more of an ISA issue between the two networks.  I will try looking at the docs you linked to and hopefully that will help.  I thought it was a simple process too because I followed the wizards and step by step guides that came with the server.  I have also looked at multiple tutorials online and nothing has helped.  The problem seems big, but I think the solution is quite simple.  I have just looked at it so much that I am missing the little detail.  I am also going to stick to your advice on just using the two NICs as well.  I was looking at it from a "separate the web services from the internal network" point of view, but since it is all on the same box anyway I didn't figure it would matter.  I just didn't know if it would have been better from a security standpoint, that is why I asked.  Anyhow, thanks again and I will give it another shot.
0

 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 2000 total points
ID: 19538022
No problem.  I realized that I should have given you the link to a good example of how to configure a TWO NIC SBS Network:  http://sbsurl.com/twonics

I also should have recommended that you get yourself a good SBS Book.  My list of recommendations is here:  http://sbsurl.com/list and it sounds like it would make sense for you to start with the Small Business Server 2003 Best Practices by Harry Brelsford.

If you were to reinstall... you wouldn't have to rebuild the RAID, only reformat it.  (okay... that's actually rebuilding it, but I was trying to make it seem as though it's not that difficult because it isn't).  If this is a Dell Server, all of that is done with the Dell Server Installation Disks anyhow... it's quite easy.  It's a common opinion that it takes at least three times to learn how to properly install an SBS.  See http://msmvps.com/blogs/kwsupport/archive/2006/08/17/107981.aspx for a great overview of this.  Since the server is new, it may be better to get it right from the start rather than to have a lingering issue.  But, of course, that's up to you.

And since I have a bit more time now... let me address a few of the comments you made so that you will hopefully be a bit clearer on all this.

"haven't been able to send to a good bit of domains.  AOL, peoplepc, and even hotmail have kicked back emails.  Someone tried sending an email through the web interface of their peoplepc account and it kicked back saying couldn't start TLS."

The most common reason for ISP's rejecting your email would be that either your IP address is within a DYNAMIC RANGE (even if it's static, some providers such as cable companies only have IP's to assign that are within a designated dynamic range).  If you check your mail server's performance and blacklists at www.mxtoolbox.com you'll find out if that's the case.  The other common reason would be that there isn't a PTR record configured for your SBS's External IP.  This is done by your Internet Service Provider... so again, same folks to contact and the report from MXToolbox will let you know if this is missing.

Did you manually modify the TLS setting in Exchange?

"I am new to all of this and using a "smart host" seems like a good idea in case our server goes down that we can still get our emails."

A smart host may be a good idea, but it has nothing to do with getting your email if your server goes down.  First of all, a smart host is for OUTBOUND email (with regards to this example) and second of all, a properly provisioned, deployed and maintained SBS RARELY goes "down".  I have done over 100 installs in the past few years and many of those only get rebooted when automatic updates come down and get installed... otherwise they might have uptimes as long as 6 months straight without even a peep.  Even then, the reboots are usually due to a modification rather than an error.  The exception is those who absolutely insisted that they shouldn't spend an additional few hundred dollars for quality hard drives.  But even a full hard drive crash hasn't kept any of my SBS installs down for more than 6 or 7 hours maximum and for that amount of time, your mail would just come in when the server came back up.

This is because SENDING servers are rather polite.  They will first query DNS to see if your server exists and what its IP address is.  It will then try to make a connection to that server.  If it doesn't find it the sending server will keep trying for about 72 hours before finally giving up.

Additionally, if your server goes down, your Internet will as well.  But as I said. I don't really see those issues so it's better to spend your energy on just doing things per the best practices and documentation.

Jeff
TechSoEasy
0
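The PTR check described in the answer above is what receiving mail servers commonly perform as forward-confirmed reverse DNS: look up the PTR for the connecting IP, then confirm that name resolves back to the same IP. The following is an added example, not part of the original thread; the DNS records, host names and addresses (documentation ranges) are constructed, and the generic-name pattern is an assumed heuristic rather than any provider's actual rule.

```python
import ipaddress
import re

# Constructed DNS data (documentation address ranges), not real records.
PTR_RECORDS = {
    "10.113.0.203.in-addr.arpa": "mail.example.com",
    "77.100.51.198.in-addr.arpa": "dhcp-198-51-100-77.pool.isp.example",
    "9.2.0.192.in-addr.arpa": "mail.example.org",
}
A_RECORDS = {
    "mail.example.com": {"203.0.113.10"},
    "dhcp-198-51-100-77.pool.isp.example": {"198.51.100.77"},
    "mail.example.org": {"192.0.2.200"},  # forward record points elsewhere
}

# Assumed heuristic: name fragments that often mark dynamically assigned ranges.
GENERIC_NAME = re.compile(r"dhcp|dyn|dynamic|pool|dsl|cable|ppp", re.I)


def reverse_name(ip):
    """Build the in-addr.arpa (or ip6.arpa) name that a PTR query uses."""
    return ipaddress.ip_address(ip).reverse_pointer


def check_sending_ip(ip, ptr=PTR_RECORDS, fwd=A_RECORDS):
    """Return (verdict, detail) for the outbound mail server's public IP."""
    host = ptr.get(reverse_name(ip))
    if host is None:
        # No PTR at all: the ISP that owns the address has to create it.
        return ("no-ptr", "ask the ISP to create a PTR record for " + ip)
    if ip not in fwd.get(host, set()):
        # PTR exists but the name does not resolve back to the same address.
        return ("ptr-mismatch", host + " does not resolve back to " + ip)
    if GENERIC_NAME.search(host):
        # PTR is consistent but still looks like a dynamic-range assignment.
        return ("generic-ptr", host + " looks like a dynamic-range name")
    return ("ok", host)


if __name__ == "__main__":
    for addr in ("203.0.113.10", "198.51.100.77", "192.0.2.9", "192.0.2.50"):
        print(addr, *check_sending_ip(addr))
```

To test a real address, replace the two dictionaries with live PTR and A lookups for the server's external IP.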
 

Author Comment

by:squashie8
ID: 19539505
Thanks techsoeasy.  I will give it another go when I can get to the server.  I had already bought an SBS R2 book, so I'm covered there.  It is a new Dell, but the disks that came with it were the typical SBS R2 Premium disks from Microsoft.  It doesn't have the typical OEM restore disk.  I am new to servers, but not building PCs, so I don't feel that reinstalling is a challenge.  I just don't want to not configure something right the way it came from the factory because I noticed Dell had configured some type of an account as well as had their own certificate installed.  As far as the mail problem, I found another post on this site that is similar to mine with the same ISP.  In the smart host field he had to put the multiple IP addresses of the mail server instead of the name.  That seemed to fix his problem.  Other than that I need to research the PTR record you mentioned.  Thanks again and I will let you know the outcome.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 19541661
What book did you buy?  Because there are a number of them that are written by folks who don't really understand the product (unfortunately).

Dell servers SHOULD come with both Microsoft Disks as well as the Dell Server Assistant Disk.  This is not a "typical restore" disk, and that's not what I was referring to.  You start with the Server Assistant Disk which helps to configure the RAID and any other driver need and then it will prompt you to insert the Microsoft Disk to install the OS.  

Also, if you use a Smart Host, the issue with the PTR won't matter, so choose one or the other.

Jeff
TechSoEasy
0
 

Author Comment

by:squashie8
ID: 19541702
10-4, the book I got was Windows Small Business Server R2 Administrator's Companion by Microsoft Press.  It has helped me understand a good bit that I was unfamiliar with.  I do have those Dell disks as well.  I also had them with me and had an old machine I figured I would practice with.  I do have two NICs installed and so far everything works the way it should.  Updates, remote login and Exchange.  In Exchange I had to add all the IP addresses in the smart host field in the SMTP connector that an nslookup returned.  That fixed my email problems sending to AOL and everywhere else as far as I can tell.  The only thing I screwed up was changing the SharePoint DB over to SQL 2005.  Well, I think I did.  I just attached the database so I will see in a bit.  I appreciate the help.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 19541720
Sounds good... but that book really isn't the best, in my opinion.  I still recommend you splurge and spend the $40.00 for Harry's book... it's absolutely an investment that will pay off almost instantly.

Jeff
TechSoEasy
0
