SBS2008 remote web workplace unreachable from internet


Im unable to open RWW from the internet. I can open it from within the LAN. Microsoft Exchange MX record, SMTP in & out work fine. SERVER1 on SBS2008 hosts Exchange 2007, Sharepoint, RWW etc websites.

Within the LAN the following URLs result in:
http://server1  :  IIS homepage
https://server1/  :  a directory listing for server-/
https://server1/Remote/  : RWW logon page
https://server1/owa & https://server1/exchange  :  owa logon
(& the above work as within the LAN)

From the internet:   :  a directory listing for server-/  :  I.E. cant display the page  :  I.E. cant display the page : :  I.E. cant display the page
RDP works ok both to public ip or

Router :

SSL: self-certificate generated on SERVER1 & installed on my I.E. on my pc.

WAN/PUBLIC IPs: 2 IP addresses:
Router: >
SERVER1 :  router feature WAN IP Alias  fwds >
Ports Open: 25, 80, 443, 987, 1723 & 3389

MX: resolves to ok.

Jay Ratansi
Who is Participating?
Rob WilliamsCommented:
>>"Ok, I have re-ran IAMW and accepted default 'remote' prefix."
Good but none of your http or https links to  will work because SBS is not configured to accept them. It is configured to accept

I assume you only have 1 NIC on SBS 2008? It will not support 2 like SBS 2003
Alan HardistyCo-OwnerCommented:
Depending on how you configured your SBS server, your default site for remote will be
The ports you have listed are fine (as long as they are all forwarded properly)
Try and see if that works.
Alan HardistyCo-OwnerCommented:
Have you also run the Internet Address Management Wizard?
Useful link to RWW info: 
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

Rob WilliamsCommented:
As Alan pointed out, the default to connect to your SBS2008 is 
If you are trying to connect using then you need to rerun the set up your internet address wizard again and change from the default "remote".
The address chosen with the wizard, the certificate, and your external DNS host record all have to be the same.

Also verify from the server that port 443 is open by testing using  (note 987 will fail that  test, because of the way it is set up)
Jay_RatansiAuthor Commented:
I ran the IAMW & chose advanced options with & 'server1' as the prefix (instead of remote).

as for using 'remote' prefix: I can't amend domain dns records until the person with the passwords returns from holidays!

Is it possible to configure sbs rww to use dynamic IP clients eg. eg. would this interfere with Exchange smtp which working fine now?
Alan HardistyCo-OwnerCommented:
Do you have a remote record setup in DNS already?

If so, you could re-run the wizard and change it to remote.

Not sure about using the ip address.
Rob WilliamsCommented:
>>"Is it possible to configure sbs rww to use dynamic IP clients eg."
Sure it works fine, but you need to purchase the DNS plus managed service and set up your DNS records there. has a similar service I believe it is called "custom DNS".
Jay_RatansiAuthor Commented:
Ok, I have re-ran IAMW and accepted default 'remote' prefix.  I'll have to wait a few days to setup a DNS A record at hosting isp for

Meanwhile, it seems to me that there may be a general  https config problem:

(a) a DNS record for exists at hosting level & this pings ok to 139.111.112;
(b) in I.E. results in directory listing;
(c) however, results in a page can't be displayed error ie. no security warning etc
(d) router handles 2 public IPs : 1 for router & 2nd for server1. Router (Draytek Vigor) uses Wan IP Alias feature to redirect 2nd public ip to server1 on;
(e) I can rdp to and 2nd public ip (> server1);
(f) when running on server1 for port 443, it picks 1st public ip (router) & errors;


Alan HardistyCo-OwnerCommented:
Why do you have two IP's on the router and what services do you have that require two IP's?
If you visit and you get then you will get problems as it sounds like your web requests are set to arrive on IP and then the server sends them back on
Do you ned two Public IP's?
Jay_RatansiAuthor Commented:
The two public IP's are inherited from SBS2003 setup. The router on public ip1 & 2nd nic on sbs2003 on public ip2.

As the hosting dns MX record was already configured for pointing to public ip2 (& since I can't get the hosting dns changed for a week or so) I've had to work with the 2 IPs. The Draytek Vigor router handles both of these. Open Ports are configured to direct sbs2008 ports to   I can ping ok both public IPs from server1.
Jay_RatansiAuthor Commented:
Yes, just 1 NIC on SBS2008.

as regards 'none of your http or https links to  will work because SBS is not configured to accept them. It is configured to accept' : i'm puzzled that  continues to result in directory listing from server whereas the corresponding https results in error.

Originally I ran IAMW with prefix 'server1' which should have worked as IAMW allows for prefixes other than 'remote'?
Jay_RatansiAuthor Commented:
Apart from the 'remote' dns prefix issue, it turned out that the Draytek router was not passing through https traffic. Although open ports/port fwding had been correctly setup, Draytek has an option to manage the router directly from web. It allows for configuring standard & custom ports for http, https etc ports Although https was unticked, it nevertheless didn't work until I changed the port to 9443.

many thanks to both of you for prompt help.  
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.