Can't autoconfigure external devices / Outlook on SBS 2011
Posted on 2012-09-15
Hi there guys,
This is my first full SBS 2011 installation. Everything works perfectly with exchange clients on the local network as well as with OWA, RWW and RDP externally. However when I attempt to autoconfigure any device not on the same physical lan eg offsite outlook client, iphone or ipad - configuration fails. On Outlook (2007) using autoaccount setup I type in name, email address and password. After clicking OK I immediately get a security alert saying autodiscover.mydomain.co.uk the security certificate is from a trusted authority, the security certificate date is valid, the name on the security certificate is invalid or does not match the name of the site. I click on yes to proceed then it tells me an encrypted connection to mail server is not available click next to attempt with an unencrypted connection. A wait of a minute or so ensues at which point I am informed that there is a problem connecting to server.
This is the installation procedure I followed from scratch (any advice welcome as this is my first 2011 installation):
* I put the server together, configure RAID 10 etc
* Converted to a static IP address, changed the mx / a record so that mail. points to static ip address
* Installed SBS 2011
* Ran the wizards for connect to internet, setup your internet address, configure internet email (using DNS not smart host)
* Then I went into the (netgear dg834) router configuration. Even though its upnp the relevant ports appeared not to have been configured by the SBS wizard. I went ahead and created inbound firewall rules to forward http, https, smtp and rdp to the static IP address of mail server.
* As a troubleshooting measure I have now added an A record for autodiscover. that points to my static IP. I am waiting for the DNS to resolve but I did not think this step was necessary with sbs 2011.
1) Could anyone advise on how I can get external outlook / devices to autoconfigure?
2) As this is my first SBS 2011 I am edgy about security – have I followed the correct installation procedure and have I left any security holes etc?