?
Solved

SBS 2003 RWW - Cant access

Posted on 2009-03-31
6
Medium Priority
?
440 Views
Last Modified: 2013-12-24
Hello,

I have a feeling i already know the answer to this but though it best to post here before i check with my web host and they deny all knowledge.

We are currently up and running on SBS 2003 - all service packs installed.

VPN works fine - i have already tested using a company laptop from home. However we cannot access remote web workplace (inc exchange). I type in the address from my laptop at home (vista home premium) - the first page i see is a warning that the certificate is not recognised. I am offered to click to continue anyway - then the page cannot be found.

When the server was set up we used (as recommended) our internet site address as the address for the server - www.trans-marine.com . I have a feeling that out inability to see RWW may be due to the fact that our website is not actually hosted in house but we use a 3rd party host. Is the fact that when we try and connect dns records are taking us to the website and of course RWW does not exist (/remote) or is there somthing else i should be looking at?

I was also advised i should contact our ISP (British Telecom) and ask them to publish our server address - but do not want to do this at present in case it causes problems with our actual website (we have a tracking section that our customers rely on).

Should also add that when i tried https://ipaddress/remote  -  i had no joy either.

Thanks - Brett.
 
0
Comment
Question by:Brett_Parker
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 3

Accepted Solution

by:
cracksalsa earned 1000 total points
ID: 24027705
Have you added the NAT entry in the firewall for port 443 to the server? Does it connect when you try without https? Is port 80 NAT'ed to the server? Have you modified the security settings on the Default Web Site where the exchange and remote virtual directories reside? If the firewall is ported correctly I would re-check all the security and make sure your not forcing SSL on the virtual directories. See this post for the virtual directories settings.
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_24260736.html
0
 

Author Comment

by:Brett_Parker
ID: 24027959
Thanks,

Will check the NAT entries and the security settings and also take a look at your link.

In answer to one of your questions - no it does not connect with http://xxxx

You do however mention port 80  -  this is our proxy web server (perhaps i should have mentioned this earlier - sorry) as we originally had problems with clients viewing websites (they could ping them but not actually see the page through their browser).

So am i to guess you do not think it is an issue with certificates and dns pointing to our web host for www.trans-marine.com then looking for /remote there?

Brett.
0
 
LVL 21

Assisted Solution

by:suppsaws
suppsaws earned 1000 total points
ID: 24028092
Hello Brett_Parker,

just create an A-record at your domain name DNS providers: remote.yourdomain.com, or whatever you want, that points to your EXTERNAL fixed ip.
RERUN the CEICW (connect to the internet wizard) and make sure your SBS certificate points to thAt FQDN: remote.yourdomain.com
Then forward port 443 AND port 4125 on your firewall device to your SBS server.
For more info (also sbs 2008): http://sbs.editme.com/sbs2008rww

Regards,

suppsaws
0
Get MongoDB database support online, now!

At Percona’s web store you can order your MongoDB database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card. Handle your MongoDB database support now!

 
LVL 21

Assisted Solution

by:suppsaws
suppsaws earned 1000 total points
ID: 24028098
Brett_Parker,

so the url is:  httpS://remote.yourdomain.remote
port 80 needs to be CLOSED as port 3389, the ONLY ports that need to be open for RWW are 443 and 4125.


suppsaws
0
 
LVL 3

Assisted Solution

by:cracksalsa
cracksalsa earned 1000 total points
ID: 24028107
My applogies, I spaced on the last part related to the DNS. I was to quick to think that since you were getting the certificate error that the page was at least presenting it. This is not always true. You can test by going to any site with https and /remote. It will present you with the same cert error even though you know that page isn't there.

This is a DNS issue. If you used www.trans-marine.com for your public website then DNS is pointing to your hosting provider (assuming your not hosting your public website on your SBS box). If you add the /remote to the url it is asking your public site for that virtual directory.

To resolve this you need a DNS record that points to the public IP address of your firewall in front of your SBS box. THEN you can NAT to the server. For example, remote.yourdomain.com points to your firewall. Then you will get to the RWW.
0
 

Author Comment

by:Brett_Parker
ID: 24075826
Hello,

Many thanks for your assistance with the above. We have gone live today with the new server and at present everything is ok.

I got our web host to create a dns recorder.

Then re-run CEICW - created a new certificate with the new server name. Still nothing, i was just about to write and ask how i NAT and open / forward ports on the ISA (i am still rather green at all this) but thought i should re-boot the server first. Then hey presto (with the aid of a dongle) i tested it and it works.

Many thanks to both of you and i have shared the points.

Thanks asgain,

A very happy Brett.
0

Featured Post

Get MongoDB database support online, now!

At Percona’s web store you can order your MongoDB database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card. Handle your MongoDB database support now!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question