Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 237
  • Last Modified:

Remote access not working because of Network Configuration on Server

I am working on an SBS Server 2003 Standard  Edition with 2 NIC cards and a Dlink Router that is doing NAT. The server was originally setup without the Router in the picture and remote access worked. Is it possible to have the remote access work with this setup if the settings are right? The current settings are as follows:

Outside address
IP-192.168.16.2
SM-255.255.255.0
no gateway

DNS
192.168.16.2


Inside Address
IP-192.168.0.2
SM-255.255.255.0
DG-192.168.0.1

DNS
192.168.16.2


DLINK Router Settings
WAN

xx.xx.3.24
255.255.255.0
xx.xx.3.1
DNS
xx.xx.128.12
xx.xx.64.12


Port Forwarding
All forwards to 192.168.0.2

21
443
53
25
444
1723
3389
4125

The Router is not doing DHCP or DNS - the Server is doing both of those functions
So all the port forwarding is going to the inside address and not the outisde address.

My question is what is the right way to set this up?
0
JeanMBarnett
Asked:
JeanMBarnett
  • 7
  • 3
1 Solution
 
Rob WilliamsCommented:
Outside address usually is the one facing the Internet and would therefore have a gateway assigned.
Inside address would be that connected to your local LAN, it would not have a gateway assigned, and that would be your DNS address as well for the client machines and server.

What subnet are the client machines on/using 192.168.16.x or 192.168.0.x?

To answer your initial question, yes you should be able to add the D-Links router. However, some D-Links do not support GRE pass through, even though they may say so in the specs. If that were the only problem though, you would have a 721 error. An 800 error indicates no connection at all.

Please advise of the LAN subnet and we can give you specific instructions.
Also you do not want port 53 forwarded to the server, and 444 should be 443. It is also not recomended you use FTP on a SBS (port 21)
0
 
Rob WilliamsCommented:
Sorry, you didn't mention an 800 error. That was my assumption.
0
 
JeanMBarnettAuthor Commented:
Thanks RobWill,
 The LAN Subnet is 192.168.16.x

I don't get a 721 or 800 error when trying to hit the server by IP on the internet (xx.xx.3.24)

0
Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
Rob WilliamsCommented:
OK then your config looks fine, it's just the Inside and Outside names are reversed.

For the record you need to test from off site (Internet side of the D-Link)
What happens when you try to connect? No errors at all?
I just tried connecting and of course couldn't without user name and password, but it did start the "handshaking" so it sounds like the basic port forwarding is working.
I assume your workstations can access the Internet OK?

I would recommend asking the moderators to remove you public IP at some point just for long term security.
http://www.experts-exchange.com/Community_Support/General/#browseZones
0
 
JeanMBarnettAuthor Commented:
Thanks - that good advcie.

 I see that I didn't ask the question correctly. As soon as I saw your answer I tried using remote desktop to connect to the IP - and yes it did work. The access that is not working I guess is the sharepoint site where you can do OWA. On other SBS Servers that I have worked on when you type in the external IP you get the Welcome Page of the SBS Server and can then click on remote web workplace to access your email.
0
 
Rob WilliamsCommented:
That may be due to the port forwarding.
On a dedicated Sharepoint server it is common to need port 444, however SBS grants access to OWA (Outlook Web Access), and RWW (Remote Web Work) place using port 443 and 4125. The Sharepoint site is accessed through RWW.
You need to connect to the two using httpS
https://YourSBS.YourDomain.abc/Exchange
https://YourSBS.YourDomain.abc/Remote
or you can substitute YourSBS.YourDomain.abc with the IP.


0
 
Rob WilliamsCommented:
Just tested and both your OWA and RWW pages seem to be working, at least as far as the logon page. Might you be forgetting the s on https?
0
 
Rob WilliamsCommented:
By the way if your browser is running Internet Explorer 7 you may get an error page indicating there is a problem with the web sites security certificate . You can click on "continue to this web site (not recommended)". Once you do you can carry on, or to avoid the problem at a later date choose certificate error on the menu bar, then view certificate, install certificate, and just click all the defaults. Next time when connecting from that site you shouldn't get the error.
0
 
JeanMBarnettAuthor Commented:
That was it. You rock RobWill :)
0
 
Rob WilliamsCommented:
Great ! That's good news.
Thanks JeanMBarnett.
Cheers
--Rob
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 7
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now