Solved

No external access to RWW and OWA using SBS 2008

Posted on 2009-07-04
19
1,943 Views
Last Modified: 2012-05-07
Guy's,

I have a static IP address, I have SBS 2008 installed and working. All the wizards have been done. I have exchange 2007 working, sending mail out to external addresses, and receiving back in again (using smarthost), and I have remote RDP access working.
 
I have done port forwarding for 25, 443, 987, 80, etc... to the SBS server's internal IP.
 
I have tried https://remote.mydomain.co.uk internally, and this works 100% I can access the RWW portal, check mail for users etc... but as soon as I try externally, it doesn't work
 
I have run the wizard to configure this as https://remote.mydomain.co.uk and I have also gone to my domain control panel, and setup an A-record for remote.mydomain.co.uk to point to my static IP address.

I've tried everything with this and it's driving me nuts... :(

I've looked at this post...
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/SBS_Small_Business_Server/Q_24404835.html

...which points to a solution here... (Copied my question intro from here also as it's exactly the same as my problem..)
http://www.smallbizserver.net/Forums/tabid/53/view/topic/postid/98818/forumid/103/tpage/1/Default.aspx

...but they were using a Thompson Router, I'm using Draytek 2930 router and I've opened ports 25, 987, 80 and 3389.

It works great internally using the external address https://remote.mydomain.co.uk/Remote/
But external, I get an error, see screen shot 1, Suggesting a router issue...?

If I use my https://w.a.n.i.p/remote I get another error, see screen shot 2, Suggesting an IIS problem...?

I've done nearly 3 dozen SBS 2008 setup's and I can do them in my sleep, this is my first SBS 2008...
RWW is the most popular productive feature to external users, and it won't work... AARRRGGHHH..!

If anyone can help I would be very grateful

Regards,
Chris
 
SBS2008-RWW-Error-Screen-shot-2.JPG
SBS2008-RWW-Error-Screen-shot-1.JPG
0
Comment
  • 10
  • 7
  • 2
19 Comments
 
LVL 74

Expert Comment

by:Glen Knight
ID: 24776724
OK, that's at least a reasonable sign as it looks like you are getting to your server.
Can you try it without the remote on the end of the URL?
0
 
LVL 23

Expert Comment

by:ComputerTechie
ID: 24776742
What happens if you add OWA to the end?

CT
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24776769
Thanks for coming back to me so quickly...

If I add /owa on the end I get the same error as screenshot 1.
If i remove /Remote I get the Router login Screen...

BTW. In the "Router remote management" section of the reouter I have changed the default ports as follows:
80 changed to 8080
443 changed to 4433

If on SBS 2003 you don't change 443 you cannot access the RWW... strangley this looks like I haven't changed it from 443 to 4433... I'll check on come back to you..

Chris.
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24776770
Just changed it to 4431 from 4433, I'll check if it works... give me tick...
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 24776775
OK, so if you do HTTPS://externalip/ you get the router login page?
This tell me that port 443 is not being forwarded to your server
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24776777
Correction:

If the URL is: http://w.a.n.i.p/Remote I get the error in screen shot 2
If the URL is: https://w.a.n.i.p/Remote I get the error in screen shot 1

If the URL is: http://w.a.n.i.p/owa I get the error in screen shot 2
If the URL is: https://w.a.n.i.p/owa I get the error in screen shot 1

It looks like it's something to do with port 443/https..?

Chris.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 24776793
Are you able to set your router up with a DMZ host?
If so can you point it to your internal servers address as the DMZ host, purely for testing to eliminate the server as a problem.
0
 
LVL 23

Expert Comment

by:ComputerTechie
ID: 24776799
try http://mail.servername.com/owa and https://mail.servername.com/owa

or mail server setting at.

CT
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24776813
If the URL is: http://w.a.n.i.p/ I get the Into screen to IIS 7...
If the URL is: https://w.a.n.i.p/ I get the router login screen...

I'll try the DMZ option a come back to you...

Chris.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 74

Accepted Solution

by:
Glen Knight earned 500 total points
ID: 24776823
Also turn off remote administration on the router, this is probably capturing port 443 for it's own use.
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24776858
mail.mycompany.co.uk is not configured it just goes to host default holding page, we have setup our email on pop3 with, I see what you're getting at though, I have however set up an MX record point to exc.mycompany.co.uk...

So...
If the URL is: http://exc.mycompany.co.uk/ I get the Into screen to IIS 7...
If the URL is: https://exc.mycompany.co.uk/ I get the router login screen...

Also, Tried the DMZ tweak... no joy...

And if I turn off remote management of the router I loose access to it from here... I could delete the "Access the router to manage it via HTTPS though... give me a tick...

Chris.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 24776878
Make sure you restart the router after making changes if I remember correctly the draytek can be a bit funny with dynamic changes
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24776879
Dissabled HTTPS Remote Router Managemant, but all the above results are the same...

I'll try a remote reboot... just a tick...
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 24776887
Make sure you save settings first ;-)
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24776888
No... Still the same... I would say it a router firmware issue... not letting me configure or disable 443 properly...?

What do you think..?

Chris.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 24776905
Hmmm, it definately looks that way, the fact port 80 is getting through and 443 gives you a router login would indicate some sort of port forwarding issue, check the router rules, change the remote administration port on the router and check you get the router login page using the new port.

Make sure the internal rules on the draytek are not capturing port 443 for some other reason.  I am mobile at the moment but will have a look at a draytek as soon as I can to see if I can help you further.

I would say this is definately where your problem lies.
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24777894
Just to update you guy's... I've removed the 3.2.2 firmware from the Draytek 2930 and down graded it to 3.2.1... 3.2.2 came with the router but you can't download it from their website yet and I know 3.2.1 works on other routers...
Anyway it didn't solve this RWW problem... AAARRRRGGGHHHH...!!!!

Any more ideas...?

Does anyone have a list of things I can check systematically to check if the SBS 2008 "Set up your Internet Address" wizard actuall did what it was supposed to do...?

In the meantime I've put a support ticket into Draytek to see if they know of any problems with port 443 not behaving as it should...

Regards,
Chris.
0
 

Author Comment

by:PendleBusinessSolutions
ID: 24777961
WoHOOOO...! in the imortal words of Bart Simpson....

I've sorted it, it bothered me that much I've driven over to my customer's office...
Now on site, I did the firmware upload as I said earlier, but just before I was leaving (totally fed up that that haddn't worked), I remembered what "demazter" earlier in the thread...

"Also turn off remote administration on the router, this is probably capturing port 443 for it's own use."

Well I tried this and RDP'd back to my office to RDP back in to test it and guess what...! it worked....!!!! :) :)

Draytek is going to get it on Monday... firmware AARRRGGGHHHH...! Indeed Remote Router Management must have been interfering with port 443... even though I changed this port and disable HTTPS for remote router management.

So chuffed now.

Cheers guy's hope this helped someone else, and thanks particularly to demazter.

Regards,
Chris.



0
 

Author Closing Comment

by:PendleBusinessSolutions
ID: 31599756
You should have to turn off remote management, but in thiscase it did the trick, it must be faulty Draytek v2930 router firmware... (which to be fare, is very rare...)

Cheers guy's.

Chris.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Remote Desktop Connections allow you to control remote host machines via the magic of the Internet and RDP (Remote Desktop Protocol). For the purposes of this article we will assume you are connecting from your home PC or laptop to a remote offic…
Local Printing Using Remote Desktop Windows 7 sometimes has issues with printing to a local printer using a Remote Desktop Connection (RDC). The 1st step is to verify that printers are checked on the Local Resources tab of the Remote Desktop C…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now