?
Solved

SBS 2003 RWW/OMA - firewall port forwarding and security advice

Posted on 2009-05-17
5
Medium Priority
?
1,732 Views
Last Modified: 2013-12-02
I would be grateful for some clarification and advice - I am in the process of planning to use Outlook Mobile Access and then Remote Web Workplace on my SBS 2003 server (1 NIC), which has 5 client computers.

My setup is a Netgear DG834G modem/router > Netgear FVS318 hardware firewall (my ISP doesn't use PPOE) > server/client computers on the 192.168.x.x LAN.

I would like to try to use OMA using my Blackberry and in the near future when I get an offsite machine, use RWW. Before I do this I would appreciate some advice: -

1. To forward the necessary ports to the server, will I have to forward the ports on both the router and hardware firewall to the server, or just the router?
2. Although I understand that SSL can be used, is it just the strength of the passwords that will protect the server from unauthorised access from the internet?

Thanks for your help.
0
Comment
Question by:CSHTech
  • 3
  • 2
5 Comments
 
LVL 8

Expert Comment

by:Perry_IDITC
ID: 24406513
Hi,

When you foward the ports you need to configure it in such a way that communication is possible from the internet to the sever on the required ports. So if you have 2 firewalls in the way like a hardware one and the windows firewall, you will need to foward the port on the hardware firewall then open the port on the windows firewall.

Using SSL is a really good ideal. It encrypts communication between your mobile device and the server, so passwords and such are not as open to man in the middle attacks. you can either buy a SSL from godaddy or somewhere for your sever or create your own. Its is a better idea to buy a SSL because it will automatically be trusted and less configuration is required. Also you might want to consider using the Blackberry Profissional Software (10 blackberrys max) or Enterprise Software (unlimited blackberrys) so the calander and contacts will sync in addition to the e-mails.

Cheers,
Perry
0
 

Author Comment

by:CSHTech
ID: 24407025
Thanks for your reply.

I've added the forwarding rules to the router and hardware firewall. I've also run the CEICW again and ticked OWA, OMA etc (although got the popup that the firewall could not be configured - possibly because I only have 1NIC?) but cannot reach OWA, OMA, or Exchange via //:servername/owa in the IE address bar. I keep getting "Internet Explorer cannot display the webpage".

Any thoughts?
0
 
LVL 8

Accepted Solution

by:
Perry_IDITC earned 1200 total points
ID: 24407087
Things you need to check:

DNS: both internal and external (if you are going to use it remotely) Make sure your server is setup as a dns server and is configured properly.
Firewalls: make sure ports 80, 443, 25 and 4125 are open or are on the allowed list
Make sure IIS is started
Exchange is configured right?
Are you able to view the oma page by http://192.168.x.x/OMA or http://servername/OMA not OWA?
0
 

Author Comment

by:CSHTech
ID: 24407372
Everything checks on your list. When I log in either on the LAN using http://servername/oma or using my mobile with http://dnsname.oma, I get the error message:-

"Your account is not configured for wireless access"  

...which on checking Google has something to do with Exchange, but I'm a bit lost at this point.....any help much appreciated.
0
 

Author Closing Comment

by:CSHTech
ID: 31582335
Perry, thanks for your help. The latest issue should be the subject of another question, so I've awarded the points now.
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Jet database engine errors can crop up out of nowhere to disrupt the working of the Exchange server. Decoding why a particular error occurs goes a long way in determining the right solution for it.
If you try to migrate from Elastix to Issabel, you will face a lot of issues. These problems are inevitable but fortunately, you can fix them. In the guide below, I will explain how I performed the migration while keeping all data and successfully t…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

612 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question