stevendawson
asked on
How can I access this other server from web?
HI,
I have an SBS box (not ISA Server version) with 2 NIC's External is 192.168.1.200 (router on 192.168.1.1) Internal 192.168.16.1. I should say right now everthing works fine on this box including all remote access:-) This company have just had a VOIP telephone system installed which needs access on port 4000 through to the VOIP server on 192.168.16.201 (which has been set as static).
They have a single static IP address from the web so when a request comes in on port 4000 how do I get it directly through to that VOIP server? I have allowed access through the Broadband Router on port 4000 to the SBS box on 192.168.1.200, I have re run the internet connection wizard and opened port 4000, but I guess the part missing is to tell SBS, send port 4000 requests to 192.168.1.200
Can anybody help?
Thanks
Steve
I have an SBS box (not ISA Server version) with 2 NIC's External is 192.168.1.200 (router on 192.168.1.1) Internal 192.168.16.1. I should say right now everthing works fine on this box including all remote access:-) This company have just had a VOIP telephone system installed which needs access on port 4000 through to the VOIP server on 192.168.16.201 (which has been set as static).
They have a single static IP address from the web so when a request comes in on port 4000 how do I get it directly through to that VOIP server? I have allowed access through the Broadband Router on port 4000 to the SBS box on 192.168.1.200, I have re run the internet connection wizard and opened port 4000, but I guess the part missing is to tell SBS, send port 4000 requests to 192.168.1.200
Can anybody help?
Thanks
Steve
What you need to do is configure the broadband router to forward port 4000 to 192.168.1.201 (VOIP server).
When you configure the router you want to tell it to forward traffic to specific servers. You don't want to foward everything to the SBS server and then have the SBS server forward the traffic. If you were doing this you would need ISA Server on the SBS box.
When you configure the router you want to tell it to forward traffic to specific servers. You don't want to foward everything to the SBS server and then have the SBS server forward the traffic. If you were doing this you would need ISA Server on the SBS box.
ASKER
Thanks for the input, I only have a single static IP web facing and of course I dont want the internal network opened any further than neccesary. As the NIC on the SBS is the connection to the router and on 192.168.1. range, then configuring a port forward is not directly possible as the internal network is on 192.168.16 range which is why I figured it needs to somehow pass through SBS?
Any further thoughts?
Steve
Any further thoughts?
Steve
If your VOIP server has an IP of 192.168.1.201 then you would need to plug that directly into your Router.
Have you not done that?
Jeff
TechSoEasy
Have you not done that?
Jeff
TechSoEasy
ASKER
Hi Jeff, The VOIP server has an IP of 192.168.16.201 as it is on the internal network (otherwise the phones wont work at all.) and with the SBS having 2 NIC cards, thats where I'm stumped.
Sorry... it's easy to get confused when you don't provide a complete IPCONFIG /ALL. Please do that so we can see what's what.
Jeff
TechSoEasy
Jeff
TechSoEasy
ASKER
Hi Jeff,
domain name changed to example
Thanks
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator>ipc onfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . :example-SERVER
Primary Dns Suffix . . . . . . . : example.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : example.local
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 PT Server Adapter
Physical Address. . . . . . . . . : 00-15-17-37-D8-B0
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
Ethernet adapter Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-18-8B-FD-65-E9
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.200
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Documents and Settings\Administrator>
domain name changed to example
Thanks
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator>ipc
Windows IP Configuration
Host Name . . . . . . . . . . . . :example-SERVER
Primary Dns Suffix . . . . . . . : example.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : example.local
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 PT Server Adapter
Physical Address. . . . . . . . . : 00-15-17-37-D8-B0
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
Ethernet adapter Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-18-8B-FD-65-E9
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.200
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Documents and Settings\Administrator>
Okay... first you need to remove the WINS Server IP (192.168.16.2) from your External NIC. This isn't related to your question, but it will cause other problems if you keep it there. After removing that, rerun the CEICW to get the settings up-to-date with that.
Then... for your VOIP System...
If you need port 4000 forwarded to a specific IP within your LAN, you first need to forward it in your router from 192.168.1.1 to 192.168.1.200.
Then, to get it to 192.168.16.201, you need to do the following:
Open the Server Management Console > Advanced Management > Computer Management > Services and Applications > Routing and Remote Access > IP Routing > NAT/Basic Firewall > RIGHT Click on the External NIC > Properties> Services and Ports tab.
Then just add your VOIP and it's IP/port just as you would on your router (since RRAS is just another router NAT device). ie, enter port 4000 pointing to 192.168.16.201.
Jeff
TechSoEasy
Then... for your VOIP System...
If you need port 4000 forwarded to a specific IP within your LAN, you first need to forward it in your router from 192.168.1.1 to 192.168.1.200.
Then, to get it to 192.168.16.201, you need to do the following:
Open the Server Management Console > Advanced Management > Computer Management > Services and Applications > Routing and Remote Access > IP Routing > NAT/Basic Firewall > RIGHT Click on the External NIC > Properties> Services and Ports tab.
Then just add your VOIP and it's IP/port just as you would on your router (since RRAS is just another router NAT device). ie, enter port 4000 pointing to 192.168.16.201.
Jeff
TechSoEasy
ASKER
Hi Jeff,
I changed the External NIC as per your reccomendation. Then I reran the CEICW, does this look ok to you now?
Host Name . . . . . . . . . . . . : example-SERVER
Primary Dns Suffix . . . . . . . : example.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : example.local
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 PT Server Adapter
Physical Address. . . . . . . . . : 00-15-17-37-D8-B0
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
Ethernet adapter Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-18-8B-FD-65-E9
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.200
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.16.2
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Documents and Settings\Administrator>
I then followed your information but I still dont seem to have access:-(
I am 100% confident the router is forwarding port 4000 to the SBS on 192.168.1.200
Then I did this...
Open the Server Management Console > Advanced Management > Computer Management > Services and Applications > Routing and Remote Access > IP Routing > NAT/Basic Firewall >
FYI, In here I can see
Server local Area Connection
Network Connection
Loopback
Internal
Then you said...
RIGHT Click on the External NIC > Properties> Services and Ports tab.
So Im doing that on the one labeled as "Network Connection" I have added the port forward to 192.168.16.201, 400 IN and 4000 out.
All that and it doesnt't work. Am I maybe missing something?
One other thing, on the NAT/Basic Firewall > page - Incoming packets rejected says Zero. Is that any sort of clue that things are not reaching that?
Thanks again
Steve
I changed the External NIC as per your reccomendation. Then I reran the CEICW, does this look ok to you now?
Host Name . . . . . . . . . . . . : example-SERVER
Primary Dns Suffix . . . . . . . : example.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : example.local
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 PT Server Adapter
Physical Address. . . . . . . . . : 00-15-17-37-D8-B0
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
Ethernet adapter Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-18-8B-FD-65-E9
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.200
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.16.2
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Documents and Settings\Administrator>
I then followed your information but I still dont seem to have access:-(
I am 100% confident the router is forwarding port 4000 to the SBS on 192.168.1.200
Then I did this...
Open the Server Management Console > Advanced Management > Computer Management > Services and Applications > Routing and Remote Access > IP Routing > NAT/Basic Firewall >
FYI, In here I can see
Server local Area Connection
Network Connection
Loopback
Internal
Then you said...
RIGHT Click on the External NIC > Properties> Services and Ports tab.
So Im doing that on the one labeled as "Network Connection" I have added the port forward to 192.168.16.201, 400 IN and 4000 out.
All that and it doesnt't work. Am I maybe missing something?
One other thing, on the NAT/Basic Firewall > page - Incoming packets rejected says Zero. Is that any sort of clue that things are not reaching that?
Thanks again
Steve
I would assume Network Connection is the correct one to configure. I'll also assume that you made a typo above and you meant to say "4000 IN" instead of "400 IN".
Are you confident that your VOIP server is in fact set to 192.168.16.201? Generally a DHCP reservation is the best way to accomplish this.
"One other thing, on the NAT/Basic Firewall > page - Incoming packets rejected says Zero. Is that any sort of clue that things are not reaching that?"
Inbound Packets Rejected should say Zero... you don't want any packets rejected you want them translated.
I would suggest that after checking the above, you rerun the CEICW and make sure that the "Firewall is enabled" although it won't show your VOIP setting because settings made in the CEICW can only be set to 127.0.0.1, not other servers.
Then, reboot everything and see if it's working.
You might also check with the VOIP company to make sure that the NIC's you are using have the proper protocols installed and are capable of handling the VOIP traffic.
Jeff
TechSoEasy
Are you confident that your VOIP server is in fact set to 192.168.16.201? Generally a DHCP reservation is the best way to accomplish this.
"One other thing, on the NAT/Basic Firewall > page - Incoming packets rejected says Zero. Is that any sort of clue that things are not reaching that?"
Inbound Packets Rejected should say Zero... you don't want any packets rejected you want them translated.
I would suggest that after checking the above, you rerun the CEICW and make sure that the "Firewall is enabled" although it won't show your VOIP setting because settings made in the CEICW can only be set to 127.0.0.1, not other servers.
Then, reboot everything and see if it's working.
You might also check with the VOIP company to make sure that the NIC's you are using have the proper protocols installed and are capable of handling the VOIP traffic.
Jeff
TechSoEasy
ASKER
Hi Jeff,
Yes I did make a typo, yes I am confident the VOIP servers IP is 192.168.16.201 because I can access it via web browser on that IP when I am logged into the SBS box remotely. there is also a port tester utility which I ran from the SBS server and test port 4000 on the VOIP server. It test as all OK.
I ran the wizard again and rebooted but it is the same. Could it be anything to do with the Nat/Basic settings tab?
I also noticed that when I right click and "show mappings" on the connection I do not see that port that I added in the list. Its definately in the services & ports tab and its ticked.
Any other thoughts.
Steve
Yes I did make a typo, yes I am confident the VOIP servers IP is 192.168.16.201 because I can access it via web browser on that IP when I am logged into the SBS box remotely. there is also a port tester utility which I ran from the SBS server and test port 4000 on the VOIP server. It test as all OK.
I ran the wizard again and rebooted but it is the same. Could it be anything to do with the Nat/Basic settings tab?
I also noticed that when I right click and "show mappings" on the connection I do not see that port that I added in the list. Its definately in the services & ports tab and its ticked.
Any other thoughts.
Steve
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Jeff, I will give this a look and get back to you.
Steve
Steve
Hope that helps some.