We help IT Professionals succeed at work.

Remote web workplace not working

Medium Priority
1,217 Views
Last Modified: 2011-10-19
After 2 months of smooth operation, Remote web workplace, OWA, etc stopped working.

When I go to https://office.ourdomain.net/remote I am getting a 404 page not found.
If I go to https://office.ourdomain.net I am brought to our main website.
Under Default website, there is a vitrual directory for REMOTE and points to c:/inetpub/remote

If I go to https://192.168.0.1/remote I can get in fine (as well as /exchange for OWA)

I reran CEICW, and Configure Remote Access and it seems to go well. Everyone gets the email about being granted RWW and tells them to go to https://office.ourdomain.net/remote. But when we do, we get a warning about the cert not being, then a 404




Only thing that changed was trying to add  a 3rd party ssl cert (godaddy) via their instructions for IIS6 which involved creating a snapin for intermediate certificate bundle, then installed ssl. I have since removed their certs, reran ceicw and let sbs create it's own cert
Comment
Watch Question

Author

Commented:
any ideas? things to check?
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
Most likely Windows Server 2003 SP2 has now been installed which can cause connectivity problems like this.  Please download and run the SBS Best Practices Analyzer which will tell you which additional updates you need.

http://sbsurl.com/bpa

You will also find information about SP2 here:  http://sbsurl.com/sp2

Finally, be sure that your NIC's Driver is the most up-to-date available.

Jeff
TechSoEasy

Author

Commented:
OK, ran BPA and critical errors as follows"

Receive side scaling is enabled
Task Offloading is enabled
TCP Chimney is enabled
TCPA is enabled

All issues:
EDNS is enabled
Pop3 connectorhas not been updated

Author

Commented:
another note: I am able to get inremotely  to the network (not rww)  by using the  remote connection disk

Author

Commented:
found new drivers on Broadcom's site which are newer than the ones on Asus's site (built in nics on Asus board).
I have to wait until everyone goes home to try them though.

Author

Commented:
Installed new drivers. Fixed all critical errors in BPA. Reran ceicw and configure remote access wizards.

Still getting page not found externally. I get a cert warning then 404

Author

Commented:
More....it seems the link that used to take me to RWW is now taking me to our main website, if that helps

Author

Commented:
I take it, I am on my own?

Author

Commented:
I reran CEICW and unchecked RWW.....went to htts://192.168.0.1/remote and it worked?.
Then I reran CEICW checked RWW, received the email saying RWW is now available by going to https://office.ourdomain.net/remote. When I click the link, I get the cert warning, click OK, then get a 404

Author

Commented:
looking at other suggestions, In IIS under Default website>home directory, under execute permissions, it says "scripts only"....should it be scripts and executables"?
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
If you are only getting a 404 error on /remote then I'd suspect that you have installed .NET 2.0 and it got configured on the /remote virtual directory.  If this is true, then check the ASP .NET tab of the /remote directory's properties and switch it from 2.0 to 1.1.4322, then restart IIS.

Jeff
TechSoEasy

Author

Commented:
I do not see a tab

I also do'nt believe I have .net2
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
If you don't have .NET 2.0 installed, you won't have the tab.

In rereading your question, I see that I missed a couple of things the first time... sorry about that... it's been a wildly busy week.

Anyhow... rereading the question made me then view your previous question about this subject (http:Q_23156916.html) and see that you have your external IP address configured on the default web site.  That should be set to "All Unassigned", because otherwise the internal sites won't resolve externally.

Change that and then rerun the CEICW.  

That won't stop your default site from working as long as it's either located in c:\inetpub\wwwroot.  If you want to locate the files for that site in another directory, then right click on the default.htm page from within IIS manager and configure it as a re-direct.

I'm also wondering how you originally configured the redirect for https://office.company.net to go to the /remote directory directly.  Because this can't be done with a host header.  But don't worry about that now... first change the IP Address and run the CEICW to see if it fixes the resolution problem from external locations.

Jeff
TechSoEasy

Author

Commented:
Default website is
*all unassigned*
TCP Port 80
SSL Port 443

ISAPI Filters Tab:
^ SBSFLT high priority
^fpexedll.dll Low priority
^OWALogon unknown priority


Home Directory tab:
c:\inetpub\wwwroot
Read, log visits, and indexthis resource are checked
Application name: Default Application
Starting Point: Default website
Execute Permissions: scripts only
Application Pool: DefaultappPool


As far as "Im also wondering how you originally configured the redirect for https://office.company.net to go to the /remote directory directly"

I didn't do anything special before. "office.ourdomain.net is just another name that points to our ip address which is the same as our website
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
So, is your company's web site located in the wwwroot folder?

Because I'm wondering if you can get to ANY page in the Default Web Site directory?

Jeff
TechSoEasy

Author

Commented:
No,  it is not in the wwwroot directory. It never was and worked until now.

If I go to https://192.168.0.1/remote I can use RWW

In IIS> SBS (local computer) under websites I have:
Default Website
Microsoft Sharepoint Administration
Sharepoint Central Administration
companyweb
OurWebsite

Author

Commented:
Another note/question

In the "Ourwebsite" there is no "remote" directory so I would think typing https://office.ourwebsite.net/remote (which is what the wizard says to input) into a browser would create a 404 because there is no remote directory under Ourwebsite. I figured the ceicw set something up to direct that request to the default website/remote.
I would rather not try doing things outside of the wizards on my own for fear of messing things up.

Companyweb works internally
Exchangel works fine
I can create a remote desktop connection  into the server from home.
VPN is working
Internally if I go to http://serverip/remote,  RWW comes up

Author

Commented:
Should our company's website be installed within the Default Website directory? I was reading Help and support and this is what I am understanding....please correct me if I am wrong.
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
Can you please post a screen shot of your Web Sites in IIS?

(similar to the view below)
image.png

Author

Commented:

Author

Commented:
anything else you need to see? I do not want to "manually" change anything in SBS without your thoughts
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
I've been a bit busy the past couple of days, sorry for not responding eariler... and no that's all I need to see.

The problem is that you've assigned your external IP address to your www site, which means that on the default site "all unassigned" doesn't include that IP anymore.  Plus you have port 443 configured on two separate sites intending to use the same external IP address, which isn't allowed.

I'm assuming that you don't need to have SSL on your company's regular web site.  So to fix your problem, you need to remove port 443 from that site, and then set it's IP address to "all unassigned" but add the following to the host headers in the "Advanced" settings for IP address:

ourwebsite.net
www.ourwebsite.net

This will direct any request for those FQDN's to go to that virtual web site, whereas, a request for office.ourwebsite.net will go to your default site (no host header needed, since anything that doesn't match the host headers configured for your regular web site will "default" to the default site -- plus you can't use host headers on that site).

After making those changes you can rerun the CEICW.

Jeff
TechSoEasy

Author

Commented:
OK, On our website (shown as Ni), I removed 443 from SSL port, Changed the 78.88.xxx.xxx to *All Unassigned"  and in Advanced in IP for Multplie identies for this website I added  - TCP port 80 - Host Header value -  ourwebsite.net and also the same for www.ourwebsite.net
Reran ceicw and remote acess and still get the same thing.
office.oursite.net brings me to our regular website.

I noticed that when I view our websites (like the screenshot I posted) under host header value, it is blank for NI (ourwebsite)

Author

Commented:
just also saw Default website is stopped and wont start because "alnother site be already be using the port, please select a unused port"
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
It doesn't look that way to me... (I happen to know your domain name because as a Zone Advisor I have access to your IP address).  It's probably just your IE cache thats showing you your regular site.  When I go to http://office.yourdomain.net, I get the Welcome to Small Business Server web site.

Jeff
TechSoEasy

Author

Commented:
OK!!!!
I changed our companies website to port 8080 and started the default website up. went to https://office.ourwebsite.net and RWW is working!!!!

anything wrong with using 8080 for our company site?

We DO need to get a 3rd party cert though....as we need to connect a treo700w  to send receive mail from.

Author

Commented:
another note...going to http://www.oursite.net/remote also works
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
"anything wrong with using 8080 for our company site?"

YES.  It won't be available to the public unless they enter http://www.oursite.net:8080

HTTP automatically defaults to port 80, so changing the port isn't what you want to do.  As I said above though, it was working just fine from outside.  Were you testing from inside?

And you don't absolutely need to have a 3rd party cert for synching a treo 700w.  But if  you do go that route, follow the guide at http://sbsurl.com/ssl

Jeff
TechSoEasy

Author

Commented:
I am working from home and able to get to RWEW and our website.

According to the timestamp on your reply when you first said it was working, is when I changed the port to 8080 on our NI website. When I had it set to 80, the default website stopped and wouldn't start
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
Well, I can still get to the site... I posted a copy of what I see below (although I distorted it for privacy).

Now, what's  interesting is that I can get to https://www.oursite.net/remote, which is a bit strange if you have host headers for www.oursite.net configured.  Furthermore, http://www.oursite.net:8080 doesn't take me to your web site... so I'm thinking that you have your site configured on the default web site and it's not even seeing the virtual site at all.

hmmm...

Jeff
TechSoEasy
image.png

Author

Commented:
thats our site, yes.
By virtual site, what do you mean?
Here are some more screens:

untitled.JPG
untitled2.JPG
untitled3.JPG

Author

Commented:
Does this look right?
I find it odd how it is working....also how RWW was working before...
Principal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014
Commented:
Actually, I stand corrected... I don't normally configure things this way, so I had to go and test it out on my own server to be sure.  You do need to have the External IP address configured on your 690607782 site.  Just removing the SSL port of 443 should be enough to get everything working right.  Sorry for the confusion.  So change it back to the IP address instead of "all unassigned", but keep the host headers in place.

Go ahead and do that and you should be back to the way you were before.

Jeff
TechSoEasy

Author

Commented:
Also change it back to port 80? instead of 8080, correct?
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
Well, just go to the advanced screen and remove that line for 8080, and leave the other two.

Jeff
TechSoEasy

Author

Commented:
Your help is very much appreciated. I applaud your generosity and knowledge. Thanks again

Author

Commented:
I have already purchased a 3rd party SSL from Go daddy, given my current settings, I should have no problems installing it if I follow your links instructions, correct?  http://sbsurl.com/ssl
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
you should have no problems installing it if you follow the instructions exactly AND your current configuration hasn't been manually modified to a non-supported configuration.  It's that last part that I have no idea about, so there's no way I can answer precisely.

:-)

Jeff
TechSoEasy

Author

Commented:
what me worry?

;-)

Explore More ContentExplore courses, solutions, and other research materials related to this topic.