Solved

No external access to RWW and OWA using SBS 2008

Posted on 2009-07-04
19
1,973 Views
Last Modified: 2012-05-07
Guy's,

I have a static IP address, I have SBS 2008 installed and working. All the wizards have been done. I have exchange 2007 working, sending mail out to external addresses, and receiving back in again (using smarthost), and I have remote RDP access working.
 
I have done port forwarding for 25, 443, 987, 80, etc... to the SBS server's internal IP.
 
I have tried https://remote.mydomain.co.uk internally, and this works 100% I can access the RWW portal, check mail for users etc... but as soon as I try externally, it doesn't work
 
I have run the wizard to configure this as https://remote.mydomain.co.uk and I have also gone to my domain control panel, and setup an A-record for remote.mydomain.co.uk to point to my static IP address.

I've tried everything with this and it's driving me nuts... :(

I've looked at this post...
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/SBS_Small_Business_Server/Q_24404835.html

...which points to a solution here... (Copied my question intro from here also as it's exactly the same as my problem..)
http://www.smallbizserver.net/Forums/tabid/53/view/topic/postid/98818/forumid/103/tpage/1/Default.aspx

...but they were using a Thompson Router, I'm using Draytek 2930 router and I've opened ports 25, 987, 80 and 3389.

It works great internally using the external address https://remote.mydomain.co.uk/Remote/
But external, I get an error, see screen shot 1, Suggesting a router issue...?

If I use my https://w.a.n.i.p/remote I get another error, see screen shot 2, Suggesting an IIS problem...?

I've done nearly 3 dozen SBS 2008 setup's and I can do them in my sleep, this is my first SBS 2008...
RWW is the most popular productive feature to external users, and it won't work... AARRRGGHHH..!

If anyone can help I would be very grateful

Regards,
Chris
 
SBS2008-RWW-Error-Screen-shot-2.JPG
SBS2008-RWW-Error-Screen-shot-1.JPG
0
Comment
  • 10
  • 7
  • 2
19 Comments
 
LVL 74

Expert Comment

by:Glen Knight
ID: 24776724
OK, that's at least a reasonable sign as it looks like you are getting to your server.
Can you try it without the remote on the end of the URL?
0
 
LVL 23

Expert Comment

by:ComputerTechie
ID: 24776742
What happens if you add OWA to the end?

CT
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24776769
Thanks for coming back to me so quickly...

If I add /owa on the end I get the same error as screenshot 1.
If i remove /Remote I get the Router login Screen...

BTW. In the "Router remote management" section of the reouter I have changed the default ports as follows:
80 changed to 8080
443 changed to 4433

If on SBS 2003 you don't change 443 you cannot access the RWW... strangley this looks like I haven't changed it from 443 to 4433... I'll check on come back to you..

Chris.
0
ScreenConnect 6.0 Free Trial

Want empowering updates? You're in the right place! Discover new features in ScreenConnect 6.0, based on partner feedback, to keep you business operating smoothly and optimally (the way it should be). Explore all of the extras and enhancements for yourself!

 

Author Comment

by:PendleBusinessSolutions
ID: 24776770
Just changed it to 4431 from 4433, I'll check if it works... give me tick...
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 24776775
OK, so if you do HTTPS://externalip/ you get the router login page?
This tell me that port 443 is not being forwarded to your server
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24776777
Correction:

If the URL is: http://w.a.n.i.p/Remote I get the error in screen shot 2
If the URL is: https://w.a.n.i.p/Remote I get the error in screen shot 1

If the URL is: http://w.a.n.i.p/owa I get the error in screen shot 2
If the URL is: https://w.a.n.i.p/owa I get the error in screen shot 1

It looks like it's something to do with port 443/https..?

Chris.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 24776793
Are you able to set your router up with a DMZ host?
If so can you point it to your internal servers address as the DMZ host, purely for testing to eliminate the server as a problem.
0
 
LVL 23

Expert Comment

by:ComputerTechie
ID: 24776799
try http://mail.servername.com/owa and https://mail.servername.com/owa

or mail server setting at.

CT
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24776813
If the URL is: http://w.a.n.i.p/ I get the Into screen to IIS 7...
If the URL is: https://w.a.n.i.p/ I get the router login screen...

I'll try the DMZ option a come back to you...

Chris.
0
 
LVL 74

Accepted Solution

by:
Glen Knight earned 500 total points
ID: 24776823
Also turn off remote administration on the router, this is probably capturing port 443 for it's own use.
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24776858
mail.mycompany.co.uk is not configured it just goes to host default holding page, we have setup our email on pop3 with, I see what you're getting at though, I have however set up an MX record point to exc.mycompany.co.uk...

So...
If the URL is: http://exc.mycompany.co.uk/ I get the Into screen to IIS 7...
If the URL is: https://exc.mycompany.co.uk/ I get the router login screen...

Also, Tried the DMZ tweak... no joy...

And if I turn off remote management of the router I loose access to it from here... I could delete the "Access the router to manage it via HTTPS though... give me a tick...

Chris.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 24776878
Make sure you restart the router after making changes if I remember correctly the draytek can be a bit funny with dynamic changes
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24776879
Dissabled HTTPS Remote Router Managemant, but all the above results are the same...

I'll try a remote reboot... just a tick...
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 24776887
Make sure you save settings first ;-)
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24776888
No... Still the same... I would say it a router firmware issue... not letting me configure or disable 443 properly...?

What do you think..?

Chris.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 24776905
Hmmm, it definately looks that way, the fact port 80 is getting through and 443 gives you a router login would indicate some sort of port forwarding issue, check the router rules, change the remote administration port on the router and check you get the router login page using the new port.

Make sure the internal rules on the draytek are not capturing port 443 for some other reason.  I am mobile at the moment but will have a look at a draytek as soon as I can to see if I can help you further.

I would say this is definately where your problem lies.
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24777894
Just to update you guy's... I've removed the 3.2.2 firmware from the Draytek 2930 and down graded it to 3.2.1... 3.2.2 came with the router but you can't download it from their website yet and I know 3.2.1 works on other routers...
Anyway it didn't solve this RWW problem... AAARRRRGGGHHHH...!!!!

Any more ideas...?

Does anyone have a list of things I can check systematically to check if the SBS 2008 "Set up your Internet Address" wizard actuall did what it was supposed to do...?

In the meantime I've put a support ticket into Draytek to see if they know of any problems with port 443 not behaving as it should...

Regards,
Chris.
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24777961
WoHOOOO...! in the imortal words of Bart Simpson....

I've sorted it, it bothered me that much I've driven over to my customer's office...
Now on site, I did the firmware upload as I said earlier, but just before I was leaving (totally fed up that that haddn't worked), I remembered what "demazter" earlier in the thread...

"Also turn off remote administration on the router, this is probably capturing port 443 for it's own use."

Well I tried this and RDP'd back to my office to RDP back in to test it and guess what...! it worked....!!!! :) :)

Draytek is going to get it on Monday... firmware AARRRGGGHHHH...! Indeed Remote Router Management must have been interfering with port 443... even though I changed this port and disable HTTPS for remote router management.

So chuffed now.

Cheers guy's hope this helped someone else, and thanks particularly to demazter.

Regards,
Chris.



0
 

Author Closing Comment

by:PendleBusinessSolutions
ID: 31599756
You should have to turn off remote management, but in thiscase it did the trick, it must be faulty Draytek v2930 router firmware... (which to be fare, is very rare...)

Cheers guy's.

Chris.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
RemoteApps using Remote Desktop Services 9 52
Replace SBS 2011 Exchange 2010 with Exchange 2016 3 135
Set time on server to sync with the internet clock 22 69
SBS2008 Backup 2 29
The problem of the system drive in SBS 2003 getting full continues to be an issue, even though SBS 2008 and SBS 2011 are both in the market place.  There are several solutions to this, including adding additional drive space or using third party uti…
I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question