We help IT Professionals succeed at work.

SBS2008 is refusing OWA and Remote outside Access -- Port 443 traffic not getting through

haysys1
haysys1 asked
on
Hello All,

I've got a problem that I can't seem to solve. This is a recent SBS 2008 system (installed 20 days ago) that was providing OWA and ActiveSync access from the outside... no problem. I went out of town for two weeks and returned to OWA, REMOTE and ActiveSync failing. I've run the Network Diagnostic wizard several times, but it says there's no problem.

OWA and Remote work just fine on the inside of the network, but refuse to present the Challenge/Response dialog on the outside. The results of a Port scan show port 443 either filtered or closed.

I pounded on the WatchGuard XTM2 firewall with no change so put a temporary Netgear RP614 in its place. These routers are dead simple and SMTP flows fine but no change on HTTPS... the Server still refuses to respond to anything on Port 443 from the outside.

I recall that on IIS 6.0, there were IP settings that excluded access from anything outside the local subnet, but I don't know of any such settings in IIS 7.0 (ignorance acknowledged here).

I feel that I have covered all of the standard stuff, though I may be overlooking something simple. And again, this was working for a couple of weeks but then stopped. I sure would appreciate some help on this one.

Thanks for reading!!

David
Comment
Watch Question

SILVER EXPERT
Distinguished Expert 2018
Commented:
Watchguards have good logging built in. Have you verified that outside 443 traffic is *reaching* the watchguard? Are you seeing successful packets pass through the device? I've seen ISPs start blocking if they suspect abuse...

-Cliff

Author

Commented:
Cliff,

That is an interesting question. I had not considered the possibility, though I'm thinking it is rather remote. I will investigate. Thanks!!

And Cliff, I accidentally clicked the NO button on the "Was the comment helpful". My brain was not engaged when I did that... my apologies!!

As an adjunct to my first message,I forgot to mention that I have had the Windows Firewall both on and off with the same results.

David

Author

Commented:
Cliff,

You deserve a gold star and have definitely earned the 500 points.

The problem was a Qwest M1000 modem that had somehow decided that it would selectively pass traffic. Even though the Firewall was disabled, it was not passing port 443.

Thanks for the intuitive kick in the right direction. I do appreciate it!!

David

Author

Commented:
Cliff read the problem description and intuited the direction to investigate.

Explore More ContentExplore courses, solutions, and other research materials related to this topic.