[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 452
  • Last Modified:

help with accessing exchange from outside my office.

Ok, I'm a complete newb to exchange and don't know much more than how to login to server....<smile>
   I've used the wizards and setup eicw, my exchange is working in house fine.  I have owa working in house fine.
   Now I want to setup my laptop to access exchange from my house.  I'm currently using the pop connector to test things before setting up an mx record at my isp.
    I would also like to know how I can access owa from outside the office?  If that's too complicated for this question, I'll create a seperate one.
0
Jeff Perkins
Asked:
Jeff Perkins
  • 8
  • 7
3 Solutions
 
Rob WilliamsCommented:
The router at the SBS site needs to be set up with port forwarding, pointing the following ports to the SBS's internal IP.  25, 443, 444, 4125, and 1723 if using the VPN.

If you have not set up public DNS records you can access the SBS using the SBS site's public IP.  To access OWA use (note the 's' in https):
https://123.123.123.123/Exchange
You can also access Remote Web Workplace (RWW) using:
https://123.123.123.123/Remote
Both sites will give you a certificate error but you can choose to ignore.
When connected to RWW you can choose to access a PC, SharePoint, or OWA.  There is also an option on the right "Configure Outlook Via the Internet". This will give you detailed instructions how to connect Outlook from off-site using rpc/http.  The RWW page can be accessed internally with http://SBSname.
0
 
Rob WilliamsCommented:
ps- I see by your other post you have set up a public DNS record. Assuming it is working you can access OWA with:
https://remote.mydomain.com/Exchange

Also if the router is UPnP enabled it "should" have configured the port forwarding.
0
 
Exchange_GeekCommented:
Precisely what Rob is talking about can be configured by in-built console, follow the steps mentioned in the list below to setup webmail and other ports - PLEASE use in-built consoles ONLY for configuring ports.

http://www.msexchange.org/tutorials/configuring-incoming-outgoing-email-windows-small-business-server-2003.html

Regards,
Exchange_Geek
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
Rob WilliamsCommented:
Nice link Exchange_Geek!  Very complete and easy to follow.
--Rob.
0
 
Jeff PerkinsOwnerAuthor Commented:
Ok guys, is there some way I can test this from inside the network?  I set everything up last nite, and according to my isp it takes up to 4 hrs for the dns A record to propogate, and I waited till this morning before leaving for the office to check it.  When I went to remote.mydomain.com/remote I got page cannot be displayed.  I hadn't checked this post yet, so I wasn't aware of how to test the owa and other stuff.
    I'm thinking I may have port issues, but can't remember my pass on the router to go in an check it, so I'll probably have to reset it when I get back to the office today and then go thru the whole setup again.  I know that I did select all of the appropriate services when runnign the IECW, so I'm sure it's possible my router just may not have setup correctly from that.  Just thought if there was some way of testing from within the network it would cut down on my time of having to be somewhere else to test and here to make adjustments.
   I know that I can acceess remote and owa from internally, but that doesn't test my dns settings or my ports being open.
0
 
Rob WilliamsCommented:
You cannot really test "Outlook via the Internet" internally or externally using an IP.  You can test OWA and RWW (on SBS 2003) using an IP.

You do need to fill in the advanced details in Outlook as I pointed out, which are available on the RWW page, specific to your domain.

By the way your ISP may take 4 hours to update your DNS records but they can take 24 hours to propagate the Internet.  Usually 2-8.
Does your ISP manage your public domain name and DNS records?  That is possible but not common.
0
 
Jeff PerkinsOwnerAuthor Commented:
Does your ISP manage your public domain name and DNS records?  That is possible but not common.

I'm not sure I understand the question Rob,  I have a website that I use that is hosted with bluehost.  I contacted them about setting up a dns reference that I could use for the purpose of my accessing RWW.  They told me to me setup an A record, so I created the one I was talking about in my other post. I don't have a clue what I'm doing, so it's hard to know if I did it right. They weren't much help at bluehost either.... so.... not sure what i can do next, I'll be home early this evening, so I'll test it out when I get there again.
0
 
Rob WilliamsCommented:
If you were able to set up an (A) host record you were in the right place, but BlueHost is not your ISP I assume but rather a hosting service.  It would be more likely they manage your DNS.  Short answer, you should be all set.  You will eventually also want an Mx record but you don't need that if using the POP connector.
0
 
Jeff PerkinsOwnerAuthor Commented:
Rob,
  Yeah, don't know why I called them my ISP, they are my webhost, obviously.  And I think the problem here in lies with my router.  Due to changes in my recent employee status I changed some stuff around in the shop and don't have the password for my router, so I can't get in to double check and see if I'm right yet.  I will have to reset it to default and then go back in, but now that I think about it, I"m almost positive this is the case.  Just had too many late nites and early mornings to crack that egg right now.  Probably be this weekend if things go right.  
   I'm running a Dlink router and I remember now that this particular router had a problem with Win 7 systems, and the fix was to go in and disable the 'UPNP'  which would mean my server saw it as pnp but couldn't do anything about it.  
   Don't know if there is a firmware fix to resolve that, or if I should just go in and set all the appropriate ports for the services I want.  
   Will touch back as soon as I've had time to reset the router and open that can of worms.
J
0
 
Rob WilliamsCommented:
There are actually security concerns with having UPnP enabled.  I would recommend disabling and manually setting the port forwards.

You can test if properly configure by accessing   www.canyouseeme.org from a web browser running on the SBS.  The test will work for all ports 25, 443, 444, and 1723, but not 4125.
0
 
Jeff PerkinsOwnerAuthor Commented:
Ok, I was running the other question I had posted before paying attention here, and now that I ran the EICW with UPNP enabled, I logged into the router and could not see where it had put any port forwarding into the configuration, but obviously it's working.  
   Is it possible now that I have it configured that I can go into the router and disable PNP and things would stay as they are, or would I still have to open the ports manually?
0
 
Rob WilliamsCommented:
If you disable UPnP it should retain the current configuration, but future changes have to be done manually.  Which is a more secure option.
0
 
Jeff PerkinsOwnerAuthor Commented:
Kewl, that's what I'll do then, once I get things up and running without any hitches. I'm doing it in little steps, I have about 6 different email addresses I use, and I didn't want them to all go into one inbox, but I think that is what I"m stuck with on exchange?  I got my exchange email working, now just have to figure out using calendar and a universal contact list. LOL
0
 
Jeff PerkinsOwnerAuthor Commented:
Ok, I know it took me a while to get this closed, but I have managed to get Exchange working. A few glitches and some major email losses along the way. I didn't realize that once I started importing email into exchange that the emails that wouldn't fit due to size restrictions on the mailbox would be lost, and I also didn't realize it would import all mail with the same date.
    Before I close this I thought it might be helpful for future searchers to have a little more info.  I'm using a dlink dir 615 wireless router between my server and the internet.  This router has UPNP feature as mentioned above,  the server is able to configure the router and make it work, but.... you cannot go back and disable UPNP because it willl quit working. If you use UPNP to setup the router you have to leave it that way.
   Also, in using this I have been unable to limit port 25 to my server only. I may not be doing that correctly, but this question has become long enough so I'm going to close it and ask another for manually configuring the router.
  Thanks to all for the help.
R
0
 
Rob WilliamsCommented:
There are security risks with UPnP  so it is actually best to disabled and manually configure.  See GRC's site regarding risks.
http://www.grc.com/unpnp/unpnp.htm
Manually configuring is also more stable.

The following guide shows you how to manually configure the D-Link DIr 615 for port 25.  
http://portforward.com/english/routers/port_forwarding/Dlink/DIR-615/SMTP.htm
You can use the same process for other ports.  You only need 25 for Exchange but the other recommended services/ports are:
25 SMTP (Exchange)
443  OWA, RWW/RWA, Sharepoint
444 Sharepoint (SBS 2003)
987 Sharepoint (SBS 2008/2011)
4125  (RWW (SBS 2003)
1723 PPTP VPN

>>”I didn't realize that once I started importing email into exchange that the emails that wouldn't fit due to size restrictions on the mailbox would be lost”
They should not really be lost but rather an NDR (non delivery report) sent to the sender stating they excedded the message size limit.  To increase the limits see:
http://blog.lan-tech.ca/2011/10/27/quickie-changing-message-size-limits-on-sbs-std-2008-and-2011/

>>” I also didn't realize it would import all mail with the same date. :”
Not sure I understand this point.
0
 
Jeff PerkinsOwnerAuthor Commented:
I also chose my comment to be included just for the information that I found would be useful to future searchers.
0

Featured Post

Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

  • 8
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now