[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 667
  • Last Modified:

Accessing https port on SBS 2008

We have an outside support company, but thought I'd try here as well.
I have just installed Blackberry Server Express.
From the server I can access:
https://Servername.ABC.LOCAL:3443/webdesktop/login
But cannot access this from a workstation; cannot display page.
The fact that I can access it from the server I assume menas it's a firewall issue.
How do I allow access to this page from a workstatio?
Is it in SBS 2008 or the SonicWall?
Any help appreciated, I'm not hot with firewalls.
Cheers
John
0
jasonbournecia
Asked:
jasonbournecia
  • 4
  • 3
  • 2
1 Solution
 
Pete LongTechnical ConsultantCommented:
If you can access the console from a workstation that's also behind the Firewall then it will bee the firewall on the SBS server.

Create an exception for TCP port 3443 like this
http://petenetlive.com/KB/Article/0000193.htm

In my example I used RDP and 3389 yours should look like

3443:TCP:192.168.1.0/24,localsubnet:enabled:BLACKBERRY

where 192.168.1.0/24 is the server subnet
0
 
Locutus-2kCommented:
My first recommendation would be to disable the windows firewall on the server, and try it from a workstation on the LAN. If you want to re-enable the firewall after you track this down, you can add an exception to the windows firewall.

To forward the port in your sonicwall, run through the public server wizard, and you'll have to create a new service because that is likely a non-standard service and won't be in the sonicwall.
0
 
jasonbourneciaAuthor Commented:
I'm a little out of my depth here and unsure how far to proceed.
PeteLong, I followed your instructions and it did not work.
Locutus, I started the public server wizard but stopped at the point where it says:
Quote
If you enter an IP address that matches an existing Network Object, that
object will be renamed with the Server Name you specify here. You may
also enter an optional comment to help further identify the server.
Unquote
Obviously Blackberry is running on the SBS, I didn't want what I did to affect the current setup.
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
jasonbourneciaAuthor Commented:
BTW, if I enter:
https://192.168.1.2/
Into the web browser from my workstation, I get a 403 Forbidden; my be relative.
I do have full admin rights to domain., but not ofay with https setup.
0
 
Locutus-2kCommented:
okay, go to the services page in your sonicwall, and find the object for your server. Add the service you created (or are going to have to create) to that services group.

First, I would disable the windows firewall on the SBS server to make sure the server will respond from the LAN.

When putting IPs in, you can have issues. It is best to use the DNS names instead. the 403 is trying to access the web server's root dir.
0
 
Pete LongTechnical ConsultantCommented:
0
 
jasonbourneciaAuthor Commented:
You'll be getting the points soon. Not because I've done, but because I'm now embarrassed out struggling.
I've attached an image, the server was setup by an external company, I'm unsure why the firewall is enabled when, as far as I'm aware, the SonicWall is handling security. I don't want to change that setting in the image in case there is another reason for it.
I cannot see a services page in SonicWall. I looked under interfaces, routing etc looking for somewhere to add https access.
Let me know when you want to give up!
Appreciate your help so far though
server.jpg
0
 
Locutus-2kCommented:
wow... okay. seems the policy is applied incorrectly. not sure why they applied it to the DC, but thats another task to sort out. I guess if you can't/don't want to fix that and disable the server's firewall, you'll want to poke a hole in it.Under the windows firewall settings, go to exceptions and add a port.

In the sonicwall, on the left menu under Network -> Services is where you'll find the service objects and groups.

Then under Firewall -> Access Rules you'll find the server object you can add the service to.
0
 
jasonbourneciaAuthor Commented:
Thanks Locutus-2k, the last bit of grading says partial, only because of my lack of understanding.
The answer worked out too easy, but you pointed out the way. I just added the port as an exception under the server firewall and got straight onto the page; I didn't need to touch SonicWall.
I found the address objects on SonicWall, but didn't have to touch them; which might be a shame, as I learned no more about SonicWall.
Thanks again for your help.
Of course the other issue is that I don't know if the firewall is set correctly following your comment earlier. I'll chat with our support guys.
Cheers
John
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now