• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 655
  • Last Modified:

Setting up FQDN for SBS Remote Workplace

I currently have SBS2003 (fictional ip's and domain names)
Server has static IP from comcast 10.1.1.1
DNS is handled by GODADDY
company website hosted somewhere else is domain.com

SBS RWW from the outside using IP address works fine
I registered domain.net to use RWW so people do not have to remember the IP
Created a A record domain.net = 10.1.1.1

this was setup a couple of days ago and still not working (again IP is fine), even tried a cname record with the same

go to domain.net get page cannot be found
what is strange is if I go to https://domain.net I get the cert warning as usual, but as soon as I click on "continue to site anyway" I get
Error Code: 403 Forbidden. The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. (12202)

Does comcast need to be involved since they own the IP? what might be the issue?
0
tkthelpdesk
Asked:
tkthelpdesk
2 Solutions
 
Michael WorshamInfrastructure / Solutions ArchitectCommented:
10.1.1.1 is a private IP address like 192.168.x.x.

A quick way to find out what IP address you are actually coming from is to do this:

1) Login to the SBS 2003 server or any other workstation on the same network
2) Open a web browser and goto 'http://www.ipchicken.com/'

IP Chicken will display the 'actual' IP address you are coming from.

Since you are using Comcast, did they give you one of their 'business-class' modem/routers?
0
 
Jerry SolomonNetwork AdministratorCommented:
What to do there is to either :
a) set port forwards on the Comcast router/modem.
b)(preferred) Get a better Firewall/router device like a Sonicwall TZ170 or Watchguard X10e, and ask comcast support to "turn off routing because you have your own router"
the ports that need to be forwarded are 4125 (remote web woprkplace), 443 (outlook Web access) and 25 (email delivery).
Set all the port forwards to forward to the LAN IP of your server, which should be set to a static address so it will never change.

You may want to consider having a company in to help you out if any of the things I mentioned here are unfamiliar to you.

and of course as mentioned above, you need to know what your public IP is (Warning: it may change if you have comcast turn off routing)

good luck.
0
 
Michael WorshamInfrastructure / Solutions ArchitectCommented:
This guide will definitely help if you have the Comcast Business-Class modem/router...

Comcast Business IP Gateway User Guide
http://mwecomputers.com/EE/Comcast_Business_IP_Gateway_User_Guide.pdf
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
tkthelpdeskAuthor Commented:
I currently have SBS2003 (fictional ip's and domain names)

yes I know the IP, its a static IP non internal, its what I meant by fictional....

server is on ISA, set with default SBS ports, comcast owns the router

A record created domain.net at godaddy goes to public ip of server given by comcast
CNAMe record created for domain.net  at godaddy to go to public ip of the server given by comcast

I go to domain.net and get the cert warning, continue and

Error Code: 403 Forbidden. The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. (12202)


0
 
Michael WorshamInfrastructure / Solutions ArchitectCommented:
0
 
DanJournoCommented:
Hello,

Are you still having issues?
There are a few things to try
Double check that Host Header Values for the Default Website are either empty or have your FQDN listed.
To do this, load up IIS, right click the Default Website and go to properties. On the Website Tab, in the Web site Identification section, click on Advanced. Then you should have to lists.
The top list is for non-secure (standard) http:// access. The bottom is for https: access.
In the top section, check that you have a row that has the following:-

1) Your INTERNAL IP Address (Internal because the server is behind a router and has no idea what its public IP address is or how to respond to it)
2) Port 80
3) The FQDN in the host header column

If not, add it and try again.
Also, check the bottom list has the internal IP address and port 443. Make sure you map port 443 through the router.

Hope that helps.
Dan
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now