Remote access to Sharepoint on SBS2008 server

Hi I have recently installed an SSL cert issued by godaddy for a clients SBS2008 server so they can use outlook anywhere.
Outlook anywhere works perfectly but I have noticed a problem with accessing sharepoint via the hostname used in the certificate.

If I attempt to goto https://remote.domainname.com:987 on a system not added to the domain the page loads perfectly asking for credentials and then loading the sharepoint site.

However if I try the same from a system that has been added to the domain the page simply does not load. IE example "Internet Explorer cannot display the webpage".

If I navigate to the sharepoint site without using the SSL cert registered name and just the IP e.g https://xxx.xxx.xxx.xxx:987 the site will of course say there is a certificate error and give the user a choice to continue to the website or close (sharepoint then loads).

All the above tests occur when the user is outside the company network.

Any ideas what could be wrong?
IT101Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
adiloadiloCommented:
is there an A record for https://remote.domainname.com:987  from the oustide ?
also does the host on the certificate match remote.domainname.com ?

the reason why you get certificate error when you type  https://xxx.xxx.xxx.xxx:987 is that it is not a FQDM and it does not match the name on the certificate .

0
 
adiloadiloCommented:
are you sure that all these from  inside or outside your network ? please sepcify
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
IT101Author Commented:
Yes these tests are from outside the internal network.
Following are the main DNS records I have in use:
 An SRV record for outlookanywhere autodiscovery:
_autodiscover._tcp port 443 remote.domainname.com
An A record of to map remote.domainname.com to the server public IP:
remote xxx.xxx.xxx.xxx
Also as I said, the outlook anywhere is working.
Also I can access the RDP over SSL to control systems within the internal network connected to the domain. OWA also works correctly. Therefore the only thing that is not working within RWW is the company web.
Is it something to do with the addition of the port at the end of the name? i.e :987
0
 
adiloadiloCommented:
well 987 is not ssl , ssl is on port 443 ,  what are you extacly trying to do ? are doing a nat from 987 to 443 from outside ?
0
 
IT101Author Commented:
port 987 is the default port used for sharepoint.
0
 
adiloadiloCommented:
ssl won`t work on that port if you type https:// plus :987  it will just not work , only if you have nat on your firewall.
0
 
IT101Author Commented:
Yes I am NATing; I route this port straight to my SBS servers internal IP. This is why it works when I enter https://xxx.xxx.xxx.xxx:987.
But why doesn't it work when I enter https://remote.domainname.com:987?
 
0
 
adiloadiloCommented:
are you able to ping remote.domainname.com ?  i mean when you ping it do you get the right ip back from oustide ?
0
 
IT101Author Commented:
Yeah the dns resolves correctly but due to My firewall blocking icmp packets to this address nothing is sent back.
But yeah the dns must be right as I can use: https://remote.domainname.com/owa for instance.
0
 
adiloadiloCommented:
did you try adding host headers on the iis site ? you can have more than 1 SSL site on your IIS server, but you may be better off  binding a secondary IP address to your server and enabling SSL traffic to uniquely to each IP address. This allows for your URL's to not have a port designation. Since host headers are not supported on IIS for SSL sites. you can try this if it works.
0
 
IT101Author Commented:
It looks promising, I will have a read and give that a go.
0
All Courses

From novice to tech pro — start learning today.