[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

How can I access this other server from web?

Posted on 2007-10-20
13
Medium Priority
?
493 Views
Last Modified: 2010-04-19
HI,

I have an SBS box (not ISA Server version) with 2 NIC's External is 192.168.1.200 (router on 192.168.1.1) Internal 192.168.16.1. I should say right now everthing works fine on this box including all remote access:-) This company have just had a VOIP telephone system installed which needs access on port 4000 through to the VOIP server on 192.168.16.201 (which has been set as static).

They have a single static IP address from the web so when a request comes in on port 4000 how do I get it directly through to that VOIP server? I have allowed access through the Broadband Router on port 4000 to the SBS box on 192.168.1.200, I have re run the internet connection wizard and opened port 4000, but I guess the part missing is to tell SBS, send port 4000 requests to 192.168.1.200

Can anybody help?

Thanks

Steve
0
Comment
Question by:stevendawson
13 Comments
 
LVL 13

Expert Comment

by:cshepfam
ID: 20115853
Normally if you need to access a server from the web, you'll need a public IP address.  Then in your firewall, do a one to one NAT and direct traffic to the private IP address.


Hope that helps some.
0
 
LVL 13

Expert Comment

by:bluetab
ID: 20117143
What you need to do is configure the broadband router to forward port 4000 to 192.168.1.201 (VOIP server).  

When you configure the router you want to tell it to forward traffic to specific servers.  You don't want to foward everything to the SBS server and then have the SBS server forward the traffic.  If you were doing this you would need ISA Server on the SBS box.  
0
 
LVL 2

Author Comment

by:stevendawson
ID: 20117893
Thanks for the input, I only have a single static IP web facing and of course I dont want the internal network opened any further than neccesary. As the NIC on the SBS is the connection to the router and on 192.168.1. range, then configuring a port forward is not directly possible as the internal network is on 192.168.16 range which is why I figured it needs to somehow pass through SBS?

Any further thoughts?

Steve
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 20120863
If your VOIP server has an IP of 192.168.1.201 then you would need to plug that directly into your Router.

Have you not done that?

Jeff
TechSoEasy
0
 
LVL 2

Author Comment

by:stevendawson
ID: 20121826
Hi Jeff, The VOIP server has an IP of 192.168.16.201 as it is on the internal network (otherwise the phones wont work at all.) and with the SBS having 2 NIC cards, thats where I'm stumped.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 20125281
Sorry... it's easy to get confused when you don't provide a complete IPCONFIG /ALL.  Please do that so we can see what's what.

Jeff
TechSoEasy
0
 
LVL 2

Author Comment

by:stevendawson
ID: 20126199
Hi Jeff,

domain name changed to example

Thanks


Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . :example-SERVER
   Primary Dns Suffix  . . . . . . . : example.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : example.local

Ethernet adapter Server Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 PT Server Adapter
   Physical Address. . . . . . . . . : 00-15-17-37-D8-B0
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.16.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 192.168.16.2
   Primary WINS Server . . . . . . . : 192.168.16.2

Ethernet adapter Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-18-8B-FD-65-E9
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.200
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.16.2
   Primary WINS Server . . . . . . . : 192.168.16.2
   NetBIOS over Tcpip. . . . . . . . : Disabled

C:\Documents and Settings\Administrator>
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 20146002
Okay... first you need to remove the WINS Server IP (192.168.16.2) from your External NIC.  This isn't related to your question, but it will cause other problems if you keep it there.  After removing that, rerun the CEICW to get the settings up-to-date with that.

Then... for your VOIP System...

If you need port 4000 forwarded to a specific IP within your LAN, you first need to forward it in your router from 192.168.1.1 to 192.168.1.200.

Then, to get it to 192.168.16.201, you need to do the following:
Open the Server Management Console > Advanced Management > Computer Management > Services and Applications > Routing and Remote Access > IP Routing > NAT/Basic Firewall > RIGHT Click on the External NIC > Properties>  Services and Ports tab.

Then just add your VOIP and it's IP/port just as you would on your router (since RRAS is just another router NAT device).  ie, enter port 4000 pointing to 192.168.16.201.

Jeff
TechSoEasy
0
 
LVL 2

Author Comment

by:stevendawson
ID: 20147607
Hi Jeff,

I changed the External NIC as per your reccomendation. Then I reran the CEICW, does this look ok to you now?

   Host Name . . . . . . . . . . . . : example-SERVER
   Primary Dns Suffix  . . . . . . . : example.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : example.local

Ethernet adapter Server Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 PT Server Adapter
   Physical Address. . . . . . . . . : 00-15-17-37-D8-B0
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.16.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 192.168.16.2
   Primary WINS Server . . . . . . . : 192.168.16.2

Ethernet adapter Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-18-8B-FD-65-E9
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.200
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.16.2
   NetBIOS over Tcpip. . . . . . . . : Disabled

C:\Documents and Settings\Administrator>

I then followed your information but I still dont seem to have access:-(
I am 100% confident the router is forwarding port 4000 to the SBS on 192.168.1.200

Then I did this...

Open the Server Management Console > Advanced Management > Computer Management > Services and Applications > Routing and Remote Access > IP Routing > NAT/Basic Firewall > 

FYI, In here I can see

Server local Area Connection
Network Connection
Loopback
Internal

Then you said...

RIGHT Click on the External NIC > Properties>  Services and Ports tab.

So Im doing that on the one labeled as "Network Connection" I have added the port forward to 192.168.16.201, 400 IN and 4000 out.

All that and it doesnt't work. Am I maybe missing something?

One other thing, on the  NAT/Basic Firewall >  page - Incoming packets rejected says Zero. Is that any sort of clue that things are not reaching that?

Thanks again

Steve




0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 20147907
I would assume Network Connection is the correct one to configure.  I'll also assume that you made a typo above and you meant to say "4000 IN" instead of "400 IN".

Are you confident that your VOIP server is in fact set to 192.168.16.201?  Generally a DHCP reservation is the best way to accomplish this.

"One other thing, on the  NAT/Basic Firewall >  page - Incoming packets rejected says Zero. Is that any sort of clue that things are not reaching that?"

Inbound Packets Rejected should say Zero... you don't want any packets rejected you want them translated.

I would suggest that after checking the above, you rerun the CEICW and make sure that the "Firewall is enabled"  although it won't show your VOIP setting because settings made in the CEICW can only be set to 127.0.0.1, not other servers.

Then, reboot everything and see if it's working.

You might also check with the VOIP company to make sure that the NIC's you are using have the proper protocols installed and are capable of handling the VOIP traffic.

Jeff
TechSoEasy
0
 
LVL 2

Author Comment

by:stevendawson
ID: 20148587
Hi Jeff,

Yes I did make a typo, yes I am confident the VOIP servers IP is 192.168.16.201 because I can access it via web browser on that IP when I am logged into the SBS box remotely. there is also a port tester utility which I ran from the SBS server and test port 4000 on the VOIP server. It test as all OK.

I ran the wizard again and rebooted but it is the same. Could it be anything to do with the Nat/Basic settings tab?

I also noticed that when I right click and "show mappings" on the connection I do not see that port that I added in the list. Its definately in the services & ports tab and its ticked.

Any other thoughts.

Steve
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 1500 total points
ID: 20149065
There won't be any mappings showing if there is not any connection made with traffic flowing.

There are a number of ways to test the port... see http://www.microsoft.com/technet/community/columns/cableguy/cg0105.mspx for a few.

Jeff
TechSoEasy
0
 
LVL 2

Author Comment

by:stevendawson
ID: 20149199
Thanks Jeff, I will give this a look and get back to you.

Steve
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
Loops Section Overview
With just a little bit of  SQL and VBA, many doors open to cool things like synchronize a list box to display data relevant to other information on a form.  If you have never written code or looked at an SQL statement before, no problem! ...  give i…
Suggested Courses

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question