Solved

Error getting remote desktop connection to pcs/server after login on RWW homepage in SBS 2008.

Posted on 2011-03-01
12
345 Views
Last Modified: 2013-11-21
My 1st post here so thanks in advance for your help.
I have RWW set up on SBS 2008 and it works fine on the internal network.
Our office is part of a building where the internet is provided free and it comes in on the ISP's router (external ip address is 83.xxx.xxx.xxx) then is split into subnets and into each office. In our office it's then connected to a Dlink dir-655 router and all the pc's and the server are attatched to this.
I've got the guy running the building to forward ports 443 & 987 to the external ip of our router where they are forwarded to the server.
Our website is hosted externally and i got them to forward the address https://remote.ourdomain.com to https://83.xxx.xxx.xxx/remote
When i browse to https://remote.ourdomain.com i get forwarded to https://83.xxx.xxx.xxx/remote where i get "There is a problem with this website's security certificate." I then click on "Continue to this website (not reccommended)" where i get to the RWW homepage.
I login here and get the "Connect to a computer/Connect to a server" screen but the problem then is when i try to get a remote connection to a pc or the server i get the error "To connect to Remote Web Workplace, you must install the proper certificate." and i can't connect.
I've installed the certificate for remote.ourdomain.com  on the Windows 7 laptop i'm using to connect but i'm assuming the problem is it doesn't match the address https://83.xxx.xxx.xxx/remote that i'm trying to connect to.
How do i go about sorting this out, preferably without purchasing an SSL certificate if possible?
0
Comment
Question by:Dahoe
  • 6
  • 5
12 Comments
 
LVL 4

Accepted Solution

by:
RobertParten earned 500 total points
ID: 35007884
Let me be brutally honest with you on this scenario, get a SSL certificate! Godaddy has them for $60 and they are worth every penny because it eliminates this frustration. However, because you have a redirect I am not sure how that is going to work out for you.

Why not setup a an A record for https://remote.ourdomain.com/ instead of doing some odd redirect so that way you can create a CSR and then submit it for a trusted 3prd party certificate?
0
 
LVL 4

Expert Comment

by:RobertParten
ID: 35007934
http://www.clickssl.com/geotrust/quick-ssl-premium.aspx

That is not a bad price for a UCC Certificate, I highly recommend this route to avoid headaches, especially since you are in a production  environment.
0
 

Author Comment

by:Dahoe
ID: 35008023
Cheers for the quick response.
Ok so i guess buying a SSL Cert is the way to go.
How exactly do i go about setting up a an A record for https://remote.ourdomain.com/ ?
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 4

Expert Comment

by:RobertParten
ID: 35008172
Easy peasy, whoever hosts your domain's DNS records is where you would set that up. For instance, my domain: humanlinux.com - if you were to run a WHOIS on that domain you get the following two DNS servers:

 Name Server: CPANEL61.FASTDNSSERVERS.COM
 Name Server: CPANEL62.FASTDNSSERVERS.COM

These are with a hosting account I control so if I wanted to create an A record for: remote.humanlinux.com I would log into my control panel for DNS and create a A record that would resemble this in a BIND DNS server:

remote      IN     A     ip.add.res.ss

Thus, whenever I ping: remote.humanlinux.com - I will get the IP address I entered into DNS as a response (as long as the server responds). Sometimes you may have customer support that can create an A record for you as well. You will just need the IP address that you are using.

0
 

Author Comment

by:Dahoe
ID: 35008403
I'll get onto my website host and see if we can get this sorted and post back. Can i go ahead and generate a CSR now so?
Also can i buy any SSL Cert e.g. these ones from Comodo? http://www.positivessl.com/
0
 
LVL 6

Expert Comment

by:kennyhenao
ID: 35009144
If you don't want to buy a cert, then just follow this.

http://blogs.technet.com/b/sbs/archive/2008/09/30/how-do-i-distribute-the-sbs-2008-self-signed-ssl-certificate-to-my-users.aspx

This will get you to where you can download the correct self-signed cert and use RWW.

I have used these same steps for RWW and Outlook anywhere (RPC over HTTP)
0
 

Author Comment

by:Dahoe
ID: 35009644
I've tried those steps before already and still get the same problem.
0
 
LVL 4

Expert Comment

by:RobertParten
ID: 35009784
Dahoe I am telling you brother, well worth the money to never have to deal with that headache again in a production environment
0
 

Author Comment

by:Dahoe
ID: 35009949
Yeah i reckon you're right, was onto my webhost briefly and he told me we don't have an SSL Certificate on our website so we'd have to purchase one or he can't setup https://remote.ourdomain.com only http://.
Would this be the same certificate i'm purchasing for the server?
Also can i buy any SSL Cert e.g. these ones from Comodo? http://www.positivessl.com/
0
 
LVL 4

Expert Comment

by:RobertParten
ID: 35010079
NO no no, you would generate an CSR for a request on the server at your office. IN SBS 2008 there is a wizard that will guide you through setting up a Certificate request to submit to a certificate authority (godaddy, Comodo, Digicert). You then submit the request there and once approved you cna download the certificate.

http://technet.microsoft.com/en-us/library/cc546059%28WS.10%29.aspx

That includes the instructions for generating a request for a certificate.

All you need to tell your webhost (who hosts your DNS) is to create an "A" record for:

remote.whateveryourdomainis.com to YOUR IP address

That is IT, just have them create an A record.

After that, use whoever you want to for a certificate authority and submit the request and wait for approval.
0
 

Author Comment

by:Dahoe
ID: 35010361
Ok , sorry about that i'm fairly new to all this.
I've generated the CSR in SBS 2008 so i'll go and get the certificate.
My webhost says he's created the subdomain http://remote.ourdomain.com and forwarded it to https://83.xxx.xxx.xxx/remote which is the external ip address of our building and is port forwarded to our router and then onto server.
Is this ok?
0
 

Author Comment

by:Dahoe
ID: 35171686
Hi there, after a lot of hassle with verification, addresses/phone numbers etc, i've finally received my SSL Cert and added it to the server. I also imported it into Internet Explorer but i'm still getting the same error message. Any idea what could be going wrong? Is https://83.xxx.xxx.xxx/remote the correct address that my webhost has set up the A record for? or should it just be our external ip address 83.xxx.xxx.xxx?
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
In this article, I'll explain how to setup a Plex Media Server (https://plex.tv/) on a Redhat (Centos) 7 based NAS with screenshots to help those looking for assistance.  What is Plex? If you aren't familiar with Plex, it’s a DLNA media serv…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question