Solved

SBS 2008 unable to access Company Website or OWA from behind a TZ105W

Posted on 2013-11-18
5
587 Views
Last Modified: 2013-11-20
The server is a SBS 2008, with an external website with exchange 2007.  The issue came about due to the customer wanting a faster VPN connection.  The previous setup was just a home edition linksys wireless router.  The company website was accessible from external IP addresses, and web-mail.
The sonic-wall was installed, the necessary rules were put in place such as RDP, and SMTP.  Well the users are able to send and receive emails, certain users can access email on their iPhones only, droid based phones unable to connect.  When you go to access the company website:  https://remote.xxxxxxxxxx.com  you receive the sonic-wall's log in information.
0
Comment
Question by:ttorno
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 22

Expert Comment

by:David Atkin
ID: 39656864
You're getting the SonicWall login because you need to redirect HTTP.  You need to forward the following ports on the sonicwall to the SBS:

80 (HTTP)
25 (SMTP)
443 (HTTPS)
987 (Sharepoint)
3389 (RDP - Personally I would not use the default port number though)
0
 
LVL 4

Expert Comment

by:kdubendorf
ID: 39657231
Scorpeo is correct.  You need to map your port settings as suggested.

I have seen issues also where external names (e.g. remote.domain.com) where remote.domain.com resolves to the Public IP address of the SonicWall or other router do not route the same behind the firewall as they would coming from the outside.   This can lead to issues with email and other services not working the same in the Office as they do from outside.

I can't tell from your question whether this is an issue or not for certain.
0
 
LVL 25

Accepted Solution

by:
Diverse IT earned 500 total points
ID: 39657891
Hi ttorno,

The SonicWALL security appliance can be managed using HTTP (Port 80) or HTTPS (443) and a Web browser. Both HTTP and HTTPS are enabled by default. If you are using the SonicWALL WAN IP address for HTTP or HTTPS port forwarding to a server, then the default Management port must be changed to another unused port number (e.g. 8080, 444, 4443, etc.). You can change this under the System > Administration page.

In order to properly setup access for OWA and SMTP all you need to do is run the Public Server Wizard in the SonicWALL located in the top right corner which will automatically create all the necessary Access Rules, NAT Policies and Address/Service Objects.

I would strongly recommend against opening port 3389 (RDP); it's not a Security Best Practice for many exploitative reasons. The better solution would be to provide VPN access, then internally RDP (which needs no port forwarding on the firewall).

Let me know how it goes!
0
 

Author Comment

by:ttorno
ID: 39659296
Thank you guys for all your comments, I originally configured the sonic-wall with the rules for email to pass through.  The other aspects were not mentioned to myself, and I was pulled off the protect.  I will pass the information on to my fellow technicians, and write back with the end results.
0
 

Author Comment

by:ttorno
ID: 39659581
Once the management ports were changed then the OWA and the Share-point site all came up without having to add the port number on the end of the url.  Thank you everyone.
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question