Solved

Error getting remote desktop connection to pcs/server after login on RWW homepage in SBS 2008.

Posted on 2011-03-01
12
343 Views
Last Modified: 2013-11-21
My 1st post here so thanks in advance for your help.
I have RWW set up on SBS 2008 and it works fine on the internal network.
Our office is part of a building where the internet is provided free and it comes in on the ISP's router (external ip address is 83.xxx.xxx.xxx) then is split into subnets and into each office. In our office it's then connected to a Dlink dir-655 router and all the pc's and the server are attatched to this.
I've got the guy running the building to forward ports 443 & 987 to the external ip of our router where they are forwarded to the server.
Our website is hosted externally and i got them to forward the address https://remote.ourdomain.com to https://83.xxx.xxx.xxx/remote
When i browse to https://remote.ourdomain.com i get forwarded to https://83.xxx.xxx.xxx/remote where i get "There is a problem with this website's security certificate." I then click on "Continue to this website (not reccommended)" where i get to the RWW homepage.
I login here and get the "Connect to a computer/Connect to a server" screen but the problem then is when i try to get a remote connection to a pc or the server i get the error "To connect to Remote Web Workplace, you must install the proper certificate." and i can't connect.
I've installed the certificate for remote.ourdomain.com  on the Windows 7 laptop i'm using to connect but i'm assuming the problem is it doesn't match the address https://83.xxx.xxx.xxx/remote that i'm trying to connect to.
How do i go about sorting this out, preferably without purchasing an SSL certificate if possible?
0
Comment
Question by:Dahoe
  • 6
  • 5
12 Comments
 
LVL 4

Accepted Solution

by:
RobertParten earned 500 total points
Comment Utility
Let me be brutally honest with you on this scenario, get a SSL certificate! Godaddy has them for $60 and they are worth every penny because it eliminates this frustration. However, because you have a redirect I am not sure how that is going to work out for you.

Why not setup a an A record for https://remote.ourdomain.com/ instead of doing some odd redirect so that way you can create a CSR and then submit it for a trusted 3prd party certificate?
0
 
LVL 4

Expert Comment

by:RobertParten
Comment Utility
http://www.clickssl.com/geotrust/quick-ssl-premium.aspx

That is not a bad price for a UCC Certificate, I highly recommend this route to avoid headaches, especially since you are in a production  environment.
0
 

Author Comment

by:Dahoe
Comment Utility
Cheers for the quick response.
Ok so i guess buying a SSL Cert is the way to go.
How exactly do i go about setting up a an A record for https://remote.ourdomain.com/ ?
0
 
LVL 4

Expert Comment

by:RobertParten
Comment Utility
Easy peasy, whoever hosts your domain's DNS records is where you would set that up. For instance, my domain: humanlinux.com - if you were to run a WHOIS on that domain you get the following two DNS servers:

 Name Server: CPANEL61.FASTDNSSERVERS.COM
 Name Server: CPANEL62.FASTDNSSERVERS.COM

These are with a hosting account I control so if I wanted to create an A record for: remote.humanlinux.com I would log into my control panel for DNS and create a A record that would resemble this in a BIND DNS server:

remote      IN     A     ip.add.res.ss

Thus, whenever I ping: remote.humanlinux.com - I will get the IP address I entered into DNS as a response (as long as the server responds). Sometimes you may have customer support that can create an A record for you as well. You will just need the IP address that you are using.

0
 

Author Comment

by:Dahoe
Comment Utility
I'll get onto my website host and see if we can get this sorted and post back. Can i go ahead and generate a CSR now so?
Also can i buy any SSL Cert e.g. these ones from Comodo? http://www.positivessl.com/
0
 
LVL 6

Expert Comment

by:kennyhenao
Comment Utility
If you don't want to buy a cert, then just follow this.

http://blogs.technet.com/b/sbs/archive/2008/09/30/how-do-i-distribute-the-sbs-2008-self-signed-ssl-certificate-to-my-users.aspx

This will get you to where you can download the correct self-signed cert and use RWW.

I have used these same steps for RWW and Outlook anywhere (RPC over HTTP)
0
ScreenConnect 6.0 Free Trial

Discover new time-saving features in one game-changing release, ScreenConnect 6.0, based on partner feedback. New features include a redesigned UI, app configurations and chat acknowledgement to improve customer engagement!

 

Author Comment

by:Dahoe
Comment Utility
I've tried those steps before already and still get the same problem.
0
 
LVL 4

Expert Comment

by:RobertParten
Comment Utility
Dahoe I am telling you brother, well worth the money to never have to deal with that headache again in a production environment
0
 

Author Comment

by:Dahoe
Comment Utility
Yeah i reckon you're right, was onto my webhost briefly and he told me we don't have an SSL Certificate on our website so we'd have to purchase one or he can't setup https://remote.ourdomain.com only http://.
Would this be the same certificate i'm purchasing for the server?
Also can i buy any SSL Cert e.g. these ones from Comodo? http://www.positivessl.com/
0
 
LVL 4

Expert Comment

by:RobertParten
Comment Utility
NO no no, you would generate an CSR for a request on the server at your office. IN SBS 2008 there is a wizard that will guide you through setting up a Certificate request to submit to a certificate authority (godaddy, Comodo, Digicert). You then submit the request there and once approved you cna download the certificate.

http://technet.microsoft.com/en-us/library/cc546059%28WS.10%29.aspx

That includes the instructions for generating a request for a certificate.

All you need to tell your webhost (who hosts your DNS) is to create an "A" record for:

remote.whateveryourdomainis.com to YOUR IP address

That is IT, just have them create an A record.

After that, use whoever you want to for a certificate authority and submit the request and wait for approval.
0
 

Author Comment

by:Dahoe
Comment Utility
Ok , sorry about that i'm fairly new to all this.
I've generated the CSR in SBS 2008 so i'll go and get the certificate.
My webhost says he's created the subdomain http://remote.ourdomain.com and forwarded it to https://83.xxx.xxx.xxx/remote which is the external ip address of our building and is port forwarded to our router and then onto server.
Is this ok?
0
 

Author Comment

by:Dahoe
Comment Utility
Hi there, after a lot of hassle with verification, addresses/phone numbers etc, i've finally received my SSL Cert and added it to the server. I also imported it into Internet Explorer but i'm still getting the same error message. Any idea what could be going wrong? Is https://83.xxx.xxx.xxx/remote the correct address that my webhost has set up the A record for? or should it just be our external ip address 83.xxx.xxx.xxx?
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Suggested Solutions

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found here: http://www.experts-exchang…
I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now