Link to home
Start Free TrialLog in
Avatar of CSHTech
CSHTechFlag for United Kingdom of Great Britain and Northern Ireland

asked on

SBS 2003 RWW/OMA - firewall port forwarding and security advice

I would be grateful for some clarification and advice - I am in the process of planning to use Outlook Mobile Access and then Remote Web Workplace on my SBS 2003 server (1 NIC), which has 5 client computers.

My setup is a Netgear DG834G modem/router > Netgear FVS318 hardware firewall (my ISP doesn't use PPOE) > server/client computers on the 192.168.x.x LAN.

I would like to try to use OMA using my Blackberry and in the near future when I get an offsite machine, use RWW. Before I do this I would appreciate some advice: -

1. To forward the necessary ports to the server, will I have to forward the ports on both the router and hardware firewall to the server, or just the router?
2. Although I understand that SSL can be used, is it just the strength of the passwords that will protect the server from unauthorised access from the internet?

Thanks for your help.
Avatar of Perry_IDITC
Perry_IDITC
Flag of United States of America image

Hi,

When you foward the ports you need to configure it in such a way that communication is possible from the internet to the sever on the required ports. So if you have 2 firewalls in the way like a hardware one and the windows firewall, you will need to foward the port on the hardware firewall then open the port on the windows firewall.

Using SSL is a really good ideal. It encrypts communication between your mobile device and the server, so passwords and such are not as open to man in the middle attacks. you can either buy a SSL from godaddy or somewhere for your sever or create your own. Its is a better idea to buy a SSL because it will automatically be trusted and less configuration is required. Also you might want to consider using the Blackberry Profissional Software (10 blackberrys max) or Enterprise Software (unlimited blackberrys) so the calander and contacts will sync in addition to the e-mails.

Cheers,
Perry
Avatar of CSHTech

ASKER

Thanks for your reply.

I've added the forwarding rules to the router and hardware firewall. I've also run the CEICW again and ticked OWA, OMA etc (although got the popup that the firewall could not be configured - possibly because I only have 1NIC?) but cannot reach OWA, OMA, or Exchange via //:servername/owa in the IE address bar. I keep getting "Internet Explorer cannot display the webpage".

Any thoughts?
ASKER CERTIFIED SOLUTION
Avatar of Perry_IDITC
Perry_IDITC
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of CSHTech

ASKER

Everything checks on your list. When I log in either on the LAN using http://servername/oma or using my mobile with http://dnsname.oma, I get the error message:-

"Your account is not configured for wireless access"  

...which on checking Google has something to do with Exchange, but I'm a bit lost at this point.....any help much appreciated.
Avatar of CSHTech

ASKER

Perry, thanks for your help. The latest issue should be the subject of another question, so I've awarded the points now.