Accessing https port on SBS 2008
We have an outside support company, but thought I'd try here as well.
I have just installed Blackberry Server Express.
From the server I can access:
https://Servername.ABC.LOCAL:3443/webdesktop/login
But cannot access this from a workstation; cannot display page.
The fact that I can access it from the server I assume menas it's a firewall issue.
How do I allow access to this page from a workstatio?
Is it in SBS 2008 or the SonicWall?
Any help appreciated, I'm not hot with firewalls.
Cheers
John
I have just installed Blackberry Server Express.
From the server I can access:
https://Servername.ABC.LOCAL:3443/webdesktop/login
But cannot access this from a workstation; cannot display page.
The fact that I can access it from the server I assume menas it's a firewall issue.
How do I allow access to this page from a workstatio?
Is it in SBS 2008 or the SonicWall?
Any help appreciated, I'm not hot with firewalls.
Cheers
John
My first recommendation would be to disable the windows firewall on the server, and try it from a workstation on the LAN. If you want to re-enable the firewall after you track this down, you can add an exception to the windows firewall.
To forward the port in your sonicwall, run through the public server wizard, and you'll have to create a new service because that is likely a non-standard service and won't be in the sonicwall.
To forward the port in your sonicwall, run through the public server wizard, and you'll have to create a new service because that is likely a non-standard service and won't be in the sonicwall.
ASKER
I'm a little out of my depth here and unsure how far to proceed.
PeteLong, I followed your instructions and it did not work.
Locutus, I started the public server wizard but stopped at the point where it says:
Quote
If you enter an IP address that matches an existing Network Object, that
object will be renamed with the Server Name you specify here. You may
also enter an optional comment to help further identify the server.
Unquote
Obviously Blackberry is running on the SBS, I didn't want what I did to affect the current setup.
PeteLong, I followed your instructions and it did not work.
Locutus, I started the public server wizard but stopped at the point where it says:
Quote
If you enter an IP address that matches an existing Network Object, that
object will be renamed with the Server Name you specify here. You may
also enter an optional comment to help further identify the server.
Unquote
Obviously Blackberry is running on the SBS, I didn't want what I did to affect the current setup.
ASKER
BTW, if I enter:
https://192.168.1.2/
Into the web browser from my workstation, I get a 403 Forbidden; my be relative.
I do have full admin rights to domain., but not ofay with https setup.
https://192.168.1.2/
Into the web browser from my workstation, I get a 403 Forbidden; my be relative.
I do have full admin rights to domain., but not ofay with https setup.
okay, go to the services page in your sonicwall, and find the object for your server. Add the service you created (or are going to have to create) to that services group.
First, I would disable the windows firewall on the SBS server to make sure the server will respond from the LAN.
When putting IPs in, you can have issues. It is best to use the DNS names instead. the 403 is trying to access the web server's root dir.
First, I would disable the windows firewall on the SBS server to make sure the server will respond from the LAN.
When putting IPs in, you can have issues. It is best to use the DNS names instead. the 403 is trying to access the web server's root dir.
ASKER
You'll be getting the points soon. Not because I've done, but because I'm now embarrassed out struggling.
I've attached an image, the server was setup by an external company, I'm unsure why the firewall is enabled when, as far as I'm aware, the SonicWall is handling security. I don't want to change that setting in the image in case there is another reason for it.
I cannot see a services page in SonicWall. I looked under interfaces, routing etc looking for somewhere to add https access.
Let me know when you want to give up!
Appreciate your help so far though
server.jpg
I've attached an image, the server was setup by an external company, I'm unsure why the firewall is enabled when, as far as I'm aware, the SonicWall is handling security. I don't want to change that setting in the image in case there is another reason for it.
I cannot see a services page in SonicWall. I looked under interfaces, routing etc looking for somewhere to add https access.
Let me know when you want to give up!
Appreciate your help so far though
server.jpg
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Locutus-2k, the last bit of grading says partial, only because of my lack of understanding.
The answer worked out too easy, but you pointed out the way. I just added the port as an exception under the server firewall and got straight onto the page; I didn't need to touch SonicWall.
I found the address objects on SonicWall, but didn't have to touch them; which might be a shame, as I learned no more about SonicWall.
Thanks again for your help.
Of course the other issue is that I don't know if the firewall is set correctly following your comment earlier. I'll chat with our support guys.
Cheers
John
The answer worked out too easy, but you pointed out the way. I just added the port as an exception under the server firewall and got straight onto the page; I didn't need to touch SonicWall.
I found the address objects on SonicWall, but didn't have to touch them; which might be a shame, as I learned no more about SonicWall.
Thanks again for your help.
Of course the other issue is that I don't know if the firewall is set correctly following your comment earlier. I'll chat with our support guys.
Cheers
John
Create an exception for TCP port 3443 like this
http://petenetlive.com/KB/Article/0000193.htm
In my example I used RDP and 3389 yours should look like
3443:TCP:192.168.1.0/24,lo
where 192.168.1.0/24 is the server subnet