Solved

SBS 2003 RWW - Cant access

Posted on 2009-03-31
6
428 Views
Last Modified: 2013-12-24
Hello,

I have a feeling i already know the answer to this but though it best to post here before i check with my web host and they deny all knowledge.

We are currently up and running on SBS 2003 - all service packs installed.

VPN works fine - i have already tested using a company laptop from home. However we cannot access remote web workplace (inc exchange). I type in the address from my laptop at home (vista home premium) - the first page i see is a warning that the certificate is not recognised. I am offered to click to continue anyway - then the page cannot be found.

When the server was set up we used (as recommended) our internet site address as the address for the server - www.trans-marine.com . I have a feeling that out inability to see RWW may be due to the fact that our website is not actually hosted in house but we use a 3rd party host. Is the fact that when we try and connect dns records are taking us to the website and of course RWW does not exist (/remote) or is there somthing else i should be looking at?

I was also advised i should contact our ISP (British Telecom) and ask them to publish our server address - but do not want to do this at present in case it causes problems with our actual website (we have a tracking section that our customers rely on).

Should also add that when i tried https://ipaddress/remote  -  i had no joy either.

Thanks - Brett.
 
0
Comment
Question by:Brett_Parker
  • 2
  • 2
  • 2
6 Comments
 
LVL 3

Accepted Solution

by:
cracksalsa earned 250 total points
Comment Utility
Have you added the NAT entry in the firewall for port 443 to the server? Does it connect when you try without https? Is port 80 NAT'ed to the server? Have you modified the security settings on the Default Web Site where the exchange and remote virtual directories reside? If the firewall is ported correctly I would re-check all the security and make sure your not forcing SSL on the virtual directories. See this post for the virtual directories settings.
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_24260736.html
0
 

Author Comment

by:Brett_Parker
Comment Utility
Thanks,

Will check the NAT entries and the security settings and also take a look at your link.

In answer to one of your questions - no it does not connect with http://xxxx

You do however mention port 80  -  this is our proxy web server (perhaps i should have mentioned this earlier - sorry) as we originally had problems with clients viewing websites (they could ping them but not actually see the page through their browser).

So am i to guess you do not think it is an issue with certificates and dns pointing to our web host for www.trans-marine.com then looking for /remote there?

Brett.
0
 
LVL 21

Assisted Solution

by:suppsaws
suppsaws earned 250 total points
Comment Utility
Hello Brett_Parker,

just create an A-record at your domain name DNS providers: remote.yourdomain.com, or whatever you want, that points to your EXTERNAL fixed ip.
RERUN the CEICW (connect to the internet wizard) and make sure your SBS certificate points to thAt FQDN: remote.yourdomain.com
Then forward port 443 AND port 4125 on your firewall device to your SBS server.
For more info (also sbs 2008): http://sbs.editme.com/sbs2008rww

Regards,

suppsaws
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 21

Assisted Solution

by:suppsaws
suppsaws earned 250 total points
Comment Utility
Brett_Parker,

so the url is:  httpS://remote.yourdomain.remote
port 80 needs to be CLOSED as port 3389, the ONLY ports that need to be open for RWW are 443 and 4125.


suppsaws
0
 
LVL 3

Assisted Solution

by:cracksalsa
cracksalsa earned 250 total points
Comment Utility
My applogies, I spaced on the last part related to the DNS. I was to quick to think that since you were getting the certificate error that the page was at least presenting it. This is not always true. You can test by going to any site with https and /remote. It will present you with the same cert error even though you know that page isn't there.

This is a DNS issue. If you used www.trans-marine.com for your public website then DNS is pointing to your hosting provider (assuming your not hosting your public website on your SBS box). If you add the /remote to the url it is asking your public site for that virtual directory.

To resolve this you need a DNS record that points to the public IP address of your firewall in front of your SBS box. THEN you can NAT to the server. For example, remote.yourdomain.com points to your firewall. Then you will get to the RWW.
0
 

Author Comment

by:Brett_Parker
Comment Utility
Hello,

Many thanks for your assistance with the above. We have gone live today with the new server and at present everything is ok.

I got our web host to create a dns recorder.

Then re-run CEICW - created a new certificate with the new server name. Still nothing, i was just about to write and ask how i NAT and open / forward ports on the ISA (i am still rather green at all this) but thought i should re-boot the server first. Then hey presto (with the aid of a dongle) i tested it and it works.

Many thanks to both of you and i have shared the points.

Thanks asgain,

A very happy Brett.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now