Accessing https port on SBS 2008

We have an outside support company, but thought I'd try here as well.
I have just installed Blackberry Server Express.
From the server I can access:
But cannot access this from a workstation; cannot display page.
The fact that I can access it from the server I assume menas it's a firewall issue.
How do I allow access to this page from a workstatio?
Is it in SBS 2008 or the SonicWall?
Any help appreciated, I'm not hot with firewalls.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Pete LongTechnical ConsultantCommented:
If you can access the console from a workstation that's also behind the Firewall then it will bee the firewall on the SBS server.

Create an exception for TCP port 3443 like this

In my example I used RDP and 3389 yours should look like


where is the server subnet
My first recommendation would be to disable the windows firewall on the server, and try it from a workstation on the LAN. If you want to re-enable the firewall after you track this down, you can add an exception to the windows firewall.

To forward the port in your sonicwall, run through the public server wizard, and you'll have to create a new service because that is likely a non-standard service and won't be in the sonicwall.
jasonbourneciaAuthor Commented:
I'm a little out of my depth here and unsure how far to proceed.
PeteLong, I followed your instructions and it did not work.
Locutus, I started the public server wizard but stopped at the point where it says:
If you enter an IP address that matches an existing Network Object, that
object will be renamed with the Server Name you specify here. You may
also enter an optional comment to help further identify the server.
Obviously Blackberry is running on the SBS, I didn't want what I did to affect the current setup.
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

jasonbourneciaAuthor Commented:
BTW, if I enter:
Into the web browser from my workstation, I get a 403 Forbidden; my be relative.
I do have full admin rights to domain., but not ofay with https setup.
okay, go to the services page in your sonicwall, and find the object for your server. Add the service you created (or are going to have to create) to that services group.

First, I would disable the windows firewall on the SBS server to make sure the server will respond from the LAN.

When putting IPs in, you can have issues. It is best to use the DNS names instead. the 403 is trying to access the web server's root dir.
Pete LongTechnical ConsultantCommented:
jasonbourneciaAuthor Commented:
You'll be getting the points soon. Not because I've done, but because I'm now embarrassed out struggling.
I've attached an image, the server was setup by an external company, I'm unsure why the firewall is enabled when, as far as I'm aware, the SonicWall is handling security. I don't want to change that setting in the image in case there is another reason for it.
I cannot see a services page in SonicWall. I looked under interfaces, routing etc looking for somewhere to add https access.
Let me know when you want to give up!
Appreciate your help so far though
wow... okay. seems the policy is applied incorrectly. not sure why they applied it to the DC, but thats another task to sort out. I guess if you can't/don't want to fix that and disable the server's firewall, you'll want to poke a hole in it.Under the windows firewall settings, go to exceptions and add a port.

In the sonicwall, on the left menu under Network -> Services is where you'll find the service objects and groups.

Then under Firewall -> Access Rules you'll find the server object you can add the service to.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jasonbourneciaAuthor Commented:
Thanks Locutus-2k, the last bit of grading says partial, only because of my lack of understanding.
The answer worked out too easy, but you pointed out the way. I just added the port as an exception under the server firewall and got straight onto the page; I didn't need to touch SonicWall.
I found the address objects on SonicWall, but didn't have to touch them; which might be a shame, as I learned no more about SonicWall.
Thanks again for your help.
Of course the other issue is that I don't know if the firewall is set correctly following your comment earlier. I'll chat with our support guys.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.