• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 563
  • Last Modified:

Small Business Server 2008 RWW can only connect internally

I just rolled out a small busines server 08 and the RWW works internally, when I type https://mail.domainname.com but externally nothing.

The DNS is pointed to the static IP and the mail is going into exchange, and if I RDP mail.domainname.com it connects.

The firewall is a fortinet and port 80 and 443 are mapped to the server the same as I have done sbs 03 servers in the past with no issues.

Under the SBS console with the domain setup, where I changed remote to mail and added their domain name everything runs fine, but get a warning that the ports 25, 80. 443. and 997 can't be opened.

Has anyone else ran into this?
  • 4
  • 4
1 Solution
Are they Configured to be redirected to your SBS server ip address from your Router?
Port 4125 will also need to be redirected.
Rob WilliamsCommented:
Actually only SBS 2003 needs port 4125, but SBS 2008 needs 443 and 987 for RWW. The warning you are getting indicates that the server cannot open the ports on the router automatically using UPnP, you will have to manually forward those ports from the router to the SBS.
You may also want port 25 for exchange but 80 should not be needed unless hosting a web serve wich is strongly discouraged.
brandywineAuthor Commented:
That is correct with port 4125

Currently 443, 80, and 987 are mapped to server through tcp, do I need to make additional rules for those to map udp for it to work?


Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Rob WilliamsCommented:
UDP is not needed. By the way to connect remotely, by default you need to use, for RWW  https://remote.MyDomain.abc  or direct OWA access  https://remote.MyDomain.abc/OWA

I assume you have set up a DNS record with whomever manages your External DNS for remote.MyDomain.abc ?
You will also receive a certificate error externally if you have not purchase a certificate, but you can accept this and continue.
brandywineAuthor Commented:
I had their web guy setup mail.domain.com DNS to their static IP where the server is.  Under the setup, I changed remote to mail so it should be fine since it works internally without any issue.

When I go to a web page outside of the network it shows:

  Internet Explorer cannot display the webpage
   Most likely causes:
You are not connected to the Internet.
The website is encountering problems.
There might be a typing error in the address.
   What you can try:
     Diagnose Connection Problems  
     More information

This leads me to believe it might be a DNS issue since it isn't showing an IIS related page

They were using 1and1.com and it took them 2 weeks to get it to this point - does that sound correct?
Rob WilliamsCommented:
I have never changed the default "remote...." option on SBS 2008. Though I am sure it is possible it would involve additional changes in IIS. SBS does not like "tweaks" so it can often have adverse effects. I am on the road and do not have an SBS to easily look at right now but it does sound like DNS and/or IIS config issues.
brandywineAuthor Commented:
Good Point, I didn't even think of that!  Let me try it with remote and get back to you - but that definitely makes sense!
brandywineAuthor Commented:
Once I changed to the standard remote rather then email it did the trick!

Thanks so much!!!!
Rob WilliamsCommented:
Good to hear. SBS doesn't like to be customized due to all the interrelated components.
Thanks brandywine (like to know the story behind that name)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now