Can't access Remote Web Workplace from Internet - HTTP 403.6 error

I just configured a Dell PowerEdge 840 SBS 2003 server.  I ran the E-mail and Internet Connection Wizard, enabling everything EXCEPT "Server performance and usage reports" and "Business Web site (wwwroot)".   I can easily access the Remote Web Workplace from inside the network via https://server01/remote, however, I can't access it from an external machine.  I receive the dreaded "HTTP Error 403.6 ...you are trying to reach a list of IP addresses that are not allowed to access this web site." I researched this here at experts-exchange and tried the changes suggested in Microsoft KB306833 which has you change the directory security settings on the Default web.  This not only didn't work, but whereas I could previously ping the external IP address (the company does not have a static IP address, so we use a DynDNS.address), I can no longer ping it after making the IIS changes.  Additionally, I am using a WatchGuard Firebox Edge x10e, which has the appropriate ports opened.  What can I do to fix this mess so I can run Remote Web Workplace and once again ping the DynDNS address?
Thanks.
Michael
mskleinAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

D_HartupCommented:
I'ts the set of allowed IP addresses on the IIS web site. It's set on the properties for each website defined under Directory Security tab, and then IP Address Grant and domain name restrictions. I suspect you've got it to only accept local LAN connections.
mskleinAuthor Commented:
Your suggestion is exactly what the Microsoft KB306833 article describes. I tried it on the "default web site" and it didn't seem to change anything. It actually appeared to make things worse. I started to receive HTTP 404 errors afterwards.  Please keep in mind that we're not running a web site from the SBS; the business site is currently hosted by a hosting company. We're just trying to get OWA to work. What next?
D_HartupCommented:
on our SBS server, we have no explicit IP or domains granted or denied on any of the websites in IIS. If you have any on any of your IIS websites, remove any grants or denys. Best to start from a clean sheet.

In IIS, do you have the full set of websites? There should be the default one, and then a whole bunch called companyweb, sharepoint and so on?
Get a highly available system for cyber protection

The Acronis SDI Appliance is a new plug-n-play solution with pre-configured Acronis Software-Defined Infrastructure software that gives service providers and enterprises ready access to a fault-tolerant system, which combines universal storage and high-performance virtualization.

mskleinAuthor Commented:
When I go to the "IP address and domain name restrictions" area of the Directory Security tab to remove the grants, I get an "Inheritance Overrides" for child nodes dialog box when I click "OK" after selecting the "allow access" radio button.  I have just been clicking "OK" without selecting any of them as that's what the MS KB article recommended.  Is that correct or do I need to select all or some of those, and if so, which ones?

I have the following web sites in IIS:
Default Web Site
Microsoft SharePoint Administration
SharePoint Central Administration
companyweb
WSUS Administration

Since I have made this change described above, I now get an HTTP 404 error when I try to access the RWW via https://<IP address>/server01/remote.  Any other ideas? Thanks.
mskleinAuthor Commented:
One more thing:
When I initially try to access the RWW via https://<IP address>/server01/remote, the browser returns 2 certificate related security warnings.  So it appears that it's getting to the IIS server, but failing at that point.  Also, if I ping the IP address, the ping fails.  However, if I ping the IP address with the port appended, e.g., "PING 123.456.789.012:443", I get a response.

Any other insights would be appreciated.  Thanks again.
Michael
mskleinAuthor Commented:
Although D Hartup helped resolve the 403.6 error, I resolved the subsequent 404 error by creating a new certificate with the DynDNS address in it instead of the externally hosted domain, and then using https://<DynDNS address>/remote to access the RWW.  I hope this helps someone else.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
D_HartupCommented:
Hey, sorry about never replying to your latter comments, I never got the emails telling me comments had been added, weird! Just got the one about your comment today. Well done - very pleased that you've got it working - I've torn my hair out so many times with exactly the same faults before, super frustrating stuff. Have a good weekend.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SBS

From novice to tech pro — start learning today.