Remote web workplace not working

After 2 months of smooth operation, Remote web workplace, OWA, etc stopped working.

When I go to https://office.ourdomain.net/remote I am getting a 404 page not found.
If I go to https://office.ourdomain.net I am brought to our main website.
Under Default website, there is a vitrual directory for REMOTE and points to c:/inetpub/remote

If I go to https://192.168.0.1/remote I can get in fine (as well as /exchange for OWA)

I reran CEICW, and Configure Remote Access and it seems to go well. Everyone gets the email about being granted RWW and tells them to go to https://office.ourdomain.net/remote. But when we do, we get a warning about the cert not being, then a 404




Only thing that changed was trying to add  a 3rd party ssl cert (godaddy) via their instructions for IIS6 which involved creating a snapin for intermediate certificate bundle, then installed ssl. I have since removed their certs, reran ceicw and let sbs create it's own cert
bvar94Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bvar94Author Commented:
any ideas? things to check?
0
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Most likely Windows Server 2003 SP2 has now been installed which can cause connectivity problems like this.  Please download and run the SBS Best Practices Analyzer which will tell you which additional updates you need.

http://sbsurl.com/bpa

You will also find information about SP2 here:  http://sbsurl.com/sp2

Finally, be sure that your NIC's Driver is the most up-to-date available.

Jeff
TechSoEasy
0
bvar94Author Commented:
OK, ran BPA and critical errors as follows"

Receive side scaling is enabled
Task Offloading is enabled
TCP Chimney is enabled
TCPA is enabled

All issues:
EDNS is enabled
Pop3 connectorhas not been updated
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

bvar94Author Commented:
another note: I am able to get inremotely  to the network (not rww)  by using the  remote connection disk
0
bvar94Author Commented:
found new drivers on Broadcom's site which are newer than the ones on Asus's site (built in nics on Asus board).
I have to wait until everyone goes home to try them though.
0
bvar94Author Commented:
Installed new drivers. Fixed all critical errors in BPA. Reran ceicw and configure remote access wizards.

Still getting page not found externally. I get a cert warning then 404

0
bvar94Author Commented:
More....it seems the link that used to take me to RWW is now taking me to our main website, if that helps
0
bvar94Author Commented:
I take it, I am on my own?
0
bvar94Author Commented:
I reran CEICW and unchecked RWW.....went to htts://192.168.0.1/remote and it worked?.
Then I reran CEICW checked RWW, received the email saying RWW is now available by going to https://office.ourdomain.net/remote. When I click the link, I get the cert warning, click OK, then get a 404
0
bvar94Author Commented:
looking at other suggestions, In IIS under Default website>home directory, under execute permissions, it says "scripts only"....should it be scripts and executables"?
0
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
If you are only getting a 404 error on /remote then I'd suspect that you have installed .NET 2.0 and it got configured on the /remote virtual directory.  If this is true, then check the ASP .NET tab of the /remote directory's properties and switch it from 2.0 to 1.1.4322, then restart IIS.

Jeff
TechSoEasy
0
bvar94Author Commented:
I do not see a tab

I also do'nt believe I have .net2
0
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
If you don't have .NET 2.0 installed, you won't have the tab.

In rereading your question, I see that I missed a couple of things the first time... sorry about that... it's been a wildly busy week.

Anyhow... rereading the question made me then view your previous question about this subject (http:Q_23156916.html) and see that you have your external IP address configured on the default web site.  That should be set to "All Unassigned", because otherwise the internal sites won't resolve externally.

Change that and then rerun the CEICW.  

That won't stop your default site from working as long as it's either located in c:\inetpub\wwwroot.  If you want to locate the files for that site in another directory, then right click on the default.htm page from within IIS manager and configure it as a re-direct.

I'm also wondering how you originally configured the redirect for https://office.company.net to go to the /remote directory directly.  Because this can't be done with a host header.  But don't worry about that now... first change the IP Address and run the CEICW to see if it fixes the resolution problem from external locations.

Jeff
TechSoEasy
0
bvar94Author Commented:
Default website is
*all unassigned*
TCP Port 80
SSL Port 443

ISAPI Filters Tab:
^ SBSFLT high priority
^fpexedll.dll Low priority
^OWALogon unknown priority


Home Directory tab:
c:\inetpub\wwwroot
Read, log visits, and indexthis resource are checked
Application name: Default Application
Starting Point: Default website
Execute Permissions: scripts only
Application Pool: DefaultappPool


As far as "Im also wondering how you originally configured the redirect for https://office.company.net to go to the /remote directory directly"

I didn't do anything special before. "office.ourdomain.net is just another name that points to our ip address which is the same as our website
0
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
So, is your company's web site located in the wwwroot folder?

Because I'm wondering if you can get to ANY page in the Default Web Site directory?

Jeff
TechSoEasy

0
bvar94Author Commented:
No,  it is not in the wwwroot directory. It never was and worked until now.

If I go to https://192.168.0.1/remote I can use RWW

In IIS> SBS (local computer) under websites I have:
Default Website
Microsoft Sharepoint Administration
Sharepoint Central Administration
companyweb
OurWebsite
0
bvar94Author Commented:
Another note/question

In the "Ourwebsite" there is no "remote" directory so I would think typing https://office.ourwebsite.net/remote (which is what the wizard says to input) into a browser would create a 404 because there is no remote directory under Ourwebsite. I figured the ceicw set something up to direct that request to the default website/remote.
I would rather not try doing things outside of the wizards on my own for fear of messing things up.

Companyweb works internally
Exchangel works fine
I can create a remote desktop connection  into the server from home.
VPN is working
Internally if I go to http://serverip/remote,  RWW comes up
0
bvar94Author Commented:
Should our company's website be installed within the Default Website directory? I was reading Help and support and this is what I am understanding....please correct me if I am wrong.
0
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Can you please post a screen shot of your Web Sites in IIS?

(similar to the view below)
image.png
0
bvar94Author Commented:
0
bvar94Author Commented:
anything else you need to see? I do not want to "manually" change anything in SBS without your thoughts
0
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
I've been a bit busy the past couple of days, sorry for not responding eariler... and no that's all I need to see.

The problem is that you've assigned your external IP address to your www site, which means that on the default site "all unassigned" doesn't include that IP anymore.  Plus you have port 443 configured on two separate sites intending to use the same external IP address, which isn't allowed.

I'm assuming that you don't need to have SSL on your company's regular web site.  So to fix your problem, you need to remove port 443 from that site, and then set it's IP address to "all unassigned" but add the following to the host headers in the "Advanced" settings for IP address:

ourwebsite.net
www.ourwebsite.net

This will direct any request for those FQDN's to go to that virtual web site, whereas, a request for office.ourwebsite.net will go to your default site (no host header needed, since anything that doesn't match the host headers configured for your regular web site will "default" to the default site -- plus you can't use host headers on that site).

After making those changes you can rerun the CEICW.

Jeff
TechSoEasy
0
bvar94Author Commented:
OK, On our website (shown as Ni), I removed 443 from SSL port, Changed the 78.88.xxx.xxx to *All Unassigned"  and in Advanced in IP for Multplie identies for this website I added  - TCP port 80 - Host Header value -  ourwebsite.net and also the same for www.ourwebsite.net
Reran ceicw and remote acess and still get the same thing.
office.oursite.net brings me to our regular website.

I noticed that when I view our websites (like the screenshot I posted) under host header value, it is blank for NI (ourwebsite)
0
bvar94Author Commented:
just also saw Default website is stopped and wont start because "alnother site be already be using the port, please select a unused port"
0
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
It doesn't look that way to me... (I happen to know your domain name because as a Zone Advisor I have access to your IP address).  It's probably just your IE cache thats showing you your regular site.  When I go to http://office.yourdomain.net, I get the Welcome to Small Business Server web site.

Jeff
TechSoEasy
0
bvar94Author Commented:
OK!!!!
I changed our companies website to port 8080 and started the default website up. went to https://office.ourwebsite.net and RWW is working!!!!

anything wrong with using 8080 for our company site?

We DO need to get a 3rd party cert though....as we need to connect a treo700w  to send receive mail from.
0
bvar94Author Commented:
another note...going to http://www.oursite.net/remote also works
0
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
"anything wrong with using 8080 for our company site?"

YES.  It won't be available to the public unless they enter http://www.oursite.net:8080

HTTP automatically defaults to port 80, so changing the port isn't what you want to do.  As I said above though, it was working just fine from outside.  Were you testing from inside?

And you don't absolutely need to have a 3rd party cert for synching a treo 700w.  But if  you do go that route, follow the guide at http://sbsurl.com/ssl

Jeff
TechSoEasy
0
bvar94Author Commented:
I am working from home and able to get to RWEW and our website.

According to the timestamp on your reply when you first said it was working, is when I changed the port to 8080 on our NI website. When I had it set to 80, the default website stopped and wouldn't start
0
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Well, I can still get to the site... I posted a copy of what I see below (although I distorted it for privacy).

Now, what's  interesting is that I can get to https://www.oursite.net/remote, which is a bit strange if you have host headers for www.oursite.net configured.  Furthermore, http://www.oursite.net:8080 doesn't take me to your web site... so I'm thinking that you have your site configured on the default web site and it's not even seeing the virtual site at all.

hmmm...

Jeff
TechSoEasy
image.png
0
bvar94Author Commented:
thats our site, yes.
By virtual site, what do you mean?
Here are some more screens:

untitled.JPG
untitled2.JPG
untitled3.JPG
0
bvar94Author Commented:
Does this look right?
I find it odd how it is working....also how RWW was working before...
0
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Actually, I stand corrected... I don't normally configure things this way, so I had to go and test it out on my own server to be sure.  You do need to have the External IP address configured on your 690607782 site.  Just removing the SSL port of 443 should be enough to get everything working right.  Sorry for the confusion.  So change it back to the IP address instead of "all unassigned", but keep the host headers in place.

Go ahead and do that and you should be back to the way you were before.

Jeff
TechSoEasy
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bvar94Author Commented:
Also change it back to port 80? instead of 8080, correct?
0
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Well, just go to the advanced screen and remove that line for 8080, and leave the other two.

Jeff
TechSoEasy
0
bvar94Author Commented:
Your help is very much appreciated. I applaud your generosity and knowledge. Thanks again
0
bvar94Author Commented:
I have already purchased a 3rd party SSL from Go daddy, given my current settings, I should have no problems installing it if I follow your links instructions, correct?  http://sbsurl.com/ssl
0
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
you should have no problems installing it if you follow the instructions exactly AND your current configuration hasn't been manually modified to a non-supported configuration.  It's that last part that I have no idea about, so there's no way I can answer precisely.

:-)

Jeff
TechSoEasy
0
bvar94Author Commented:
what me worry?

;-)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Forefront ISA Server

From novice to tech pro — start learning today.