Solved

SBS 2003 RWW - Cant access

Posted on 2009-03-31
6
436 Views
Last Modified: 2013-12-24
Hello,

I have a feeling i already know the answer to this but though it best to post here before i check with my web host and they deny all knowledge.

We are currently up and running on SBS 2003 - all service packs installed.

VPN works fine - i have already tested using a company laptop from home. However we cannot access remote web workplace (inc exchange). I type in the address from my laptop at home (vista home premium) - the first page i see is a warning that the certificate is not recognised. I am offered to click to continue anyway - then the page cannot be found.

When the server was set up we used (as recommended) our internet site address as the address for the server - www.trans-marine.com . I have a feeling that out inability to see RWW may be due to the fact that our website is not actually hosted in house but we use a 3rd party host. Is the fact that when we try and connect dns records are taking us to the website and of course RWW does not exist (/remote) or is there somthing else i should be looking at?

I was also advised i should contact our ISP (British Telecom) and ask them to publish our server address - but do not want to do this at present in case it causes problems with our actual website (we have a tracking section that our customers rely on).

Should also add that when i tried https://ipaddress/remote  -  i had no joy either.

Thanks - Brett.
 
0
Comment
Question by:Brett_Parker
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 3

Accepted Solution

by:
cracksalsa earned 250 total points
ID: 24027705
Have you added the NAT entry in the firewall for port 443 to the server? Does it connect when you try without https? Is port 80 NAT'ed to the server? Have you modified the security settings on the Default Web Site where the exchange and remote virtual directories reside? If the firewall is ported correctly I would re-check all the security and make sure your not forcing SSL on the virtual directories. See this post for the virtual directories settings.
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_24260736.html
0
 

Author Comment

by:Brett_Parker
ID: 24027959
Thanks,

Will check the NAT entries and the security settings and also take a look at your link.

In answer to one of your questions - no it does not connect with http://xxxx

You do however mention port 80  -  this is our proxy web server (perhaps i should have mentioned this earlier - sorry) as we originally had problems with clients viewing websites (they could ping them but not actually see the page through their browser).

So am i to guess you do not think it is an issue with certificates and dns pointing to our web host for www.trans-marine.com then looking for /remote there?

Brett.
0
 
LVL 21

Assisted Solution

by:suppsaws
suppsaws earned 250 total points
ID: 24028092
Hello Brett_Parker,

just create an A-record at your domain name DNS providers: remote.yourdomain.com, or whatever you want, that points to your EXTERNAL fixed ip.
RERUN the CEICW (connect to the internet wizard) and make sure your SBS certificate points to thAt FQDN: remote.yourdomain.com
Then forward port 443 AND port 4125 on your firewall device to your SBS server.
For more info (also sbs 2008): http://sbs.editme.com/sbs2008rww

Regards,

suppsaws
0
Don't miss ATEN at NAB Show April 24-27!

Visit ATEN at NAB Show to learn how our "Seamlessly Entertaining" solutions deliver fast, precise video streaming without delays for the broadcasting and media environment. ATEN will showcase its 16x16 Modular Matrix Switch (VM1600) and KVM Over IP Solution (KE6900 series).

 
LVL 21

Assisted Solution

by:suppsaws
suppsaws earned 250 total points
ID: 24028098
Brett_Parker,

so the url is:  httpS://remote.yourdomain.remote
port 80 needs to be CLOSED as port 3389, the ONLY ports that need to be open for RWW are 443 and 4125.


suppsaws
0
 
LVL 3

Assisted Solution

by:cracksalsa
cracksalsa earned 250 total points
ID: 24028107
My applogies, I spaced on the last part related to the DNS. I was to quick to think that since you were getting the certificate error that the page was at least presenting it. This is not always true. You can test by going to any site with https and /remote. It will present you with the same cert error even though you know that page isn't there.

This is a DNS issue. If you used www.trans-marine.com for your public website then DNS is pointing to your hosting provider (assuming your not hosting your public website on your SBS box). If you add the /remote to the url it is asking your public site for that virtual directory.

To resolve this you need a DNS record that points to the public IP address of your firewall in front of your SBS box. THEN you can NAT to the server. For example, remote.yourdomain.com points to your firewall. Then you will get to the RWW.
0
 

Author Comment

by:Brett_Parker
ID: 24075826
Hello,

Many thanks for your assistance with the above. We have gone live today with the new server and at present everything is ok.

I got our web host to create a dns recorder.

Then re-run CEICW - created a new certificate with the new server name. Still nothing, i was just about to write and ask how i NAT and open / forward ports on the ISA (i am still rather green at all this) but thought i should re-boot the server first. Then hey presto (with the aid of a dongle) i tested it and it works.

Many thanks to both of you and i have shared the points.

Thanks asgain,

A very happy Brett.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question