Solved

SBS 2008 unable to access Company Website or OWA from behind a TZ105W

Posted on 2013-11-18
5
578 Views
Last Modified: 2013-11-20
The server is a SBS 2008, with an external website with exchange 2007.  The issue came about due to the customer wanting a faster VPN connection.  The previous setup was just a home edition linksys wireless router.  The company website was accessible from external IP addresses, and web-mail.
The sonic-wall was installed, the necessary rules were put in place such as RDP, and SMTP.  Well the users are able to send and receive emails, certain users can access email on their iPhones only, droid based phones unable to connect.  When you go to access the company website:  https://remote.xxxxxxxxxx.com  you receive the sonic-wall's log in information.
0
Comment
Question by:ttorno
5 Comments
 
LVL 22

Expert Comment

by:David Atkin
ID: 39656864
You're getting the SonicWall login because you need to redirect HTTP.  You need to forward the following ports on the sonicwall to the SBS:

80 (HTTP)
25 (SMTP)
443 (HTTPS)
987 (Sharepoint)
3389 (RDP - Personally I would not use the default port number though)
0
 
LVL 4

Expert Comment

by:kdubendorf
ID: 39657231
Scorpeo is correct.  You need to map your port settings as suggested.

I have seen issues also where external names (e.g. remote.domain.com) where remote.domain.com resolves to the Public IP address of the SonicWall or other router do not route the same behind the firewall as they would coming from the outside.   This can lead to issues with email and other services not working the same in the Office as they do from outside.

I can't tell from your question whether this is an issue or not for certain.
0
 
LVL 24

Accepted Solution

by:
diverseit earned 500 total points
ID: 39657891
Hi ttorno,

The SonicWALL security appliance can be managed using HTTP (Port 80) or HTTPS (443) and a Web browser. Both HTTP and HTTPS are enabled by default. If you are using the SonicWALL WAN IP address for HTTP or HTTPS port forwarding to a server, then the default Management port must be changed to another unused port number (e.g. 8080, 444, 4443, etc.). You can change this under the System > Administration page.

In order to properly setup access for OWA and SMTP all you need to do is run the Public Server Wizard in the SonicWALL located in the top right corner which will automatically create all the necessary Access Rules, NAT Policies and Address/Service Objects.

I would strongly recommend against opening port 3389 (RDP); it's not a Security Best Practice for many exploitative reasons. The better solution would be to provide VPN access, then internally RDP (which needs no port forwarding on the firewall).

Let me know how it goes!
0
 

Author Comment

by:ttorno
ID: 39659296
Thank you guys for all your comments, I originally configured the sonic-wall with the rules for email to pass through.  The other aspects were not mentioned to myself, and I was pulled off the protect.  I will pass the information on to my fellow technicians, and write back with the end results.
0
 

Author Comment

by:ttorno
ID: 39659581
Once the management ports were changed then the OWA and the Share-point site all came up without having to add the port number on the end of the url.  Thank you everyone.
0

Featured Post

Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

Join & Write a Comment

Suggested Solutions

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now