Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 598
  • Last Modified:

SBS 2008 unable to access Company Website or OWA from behind a TZ105W

The server is a SBS 2008, with an external website with exchange 2007.  The issue came about due to the customer wanting a faster VPN connection.  The previous setup was just a home edition linksys wireless router.  The company website was accessible from external IP addresses, and web-mail.
The sonic-wall was installed, the necessary rules were put in place such as RDP, and SMTP.  Well the users are able to send and receive emails, certain users can access email on their iPhones only, droid based phones unable to connect.  When you go to access the company website:  https://remote.xxxxxxxxxx.com  you receive the sonic-wall's log in information.
0
ttorno
Asked:
ttorno
1 Solution
 
David AtkinTechnical DirectorCommented:
You're getting the SonicWall login because you need to redirect HTTP.  You need to forward the following ports on the sonicwall to the SBS:

80 (HTTP)
25 (SMTP)
443 (HTTPS)
987 (Sharepoint)
3389 (RDP - Personally I would not use the default port number though)
0
 
kdubendorfCommented:
Scorpeo is correct.  You need to map your port settings as suggested.

I have seen issues also where external names (e.g. remote.domain.com) where remote.domain.com resolves to the Public IP address of the SonicWall or other router do not route the same behind the firewall as they would coming from the outside.   This can lead to issues with email and other services not working the same in the Office as they do from outside.

I can't tell from your question whether this is an issue or not for certain.
0
 
Blue Street TechLast KnightsCommented:
Hi ttorno,

The SonicWALL security appliance can be managed using HTTP (Port 80) or HTTPS (443) and a Web browser. Both HTTP and HTTPS are enabled by default. If you are using the SonicWALL WAN IP address for HTTP or HTTPS port forwarding to a server, then the default Management port must be changed to another unused port number (e.g. 8080, 444, 4443, etc.). You can change this under the System > Administration page.

In order to properly setup access for OWA and SMTP all you need to do is run the Public Server Wizard in the SonicWALL located in the top right corner which will automatically create all the necessary Access Rules, NAT Policies and Address/Service Objects.

I would strongly recommend against opening port 3389 (RDP); it's not a Security Best Practice for many exploitative reasons. The better solution would be to provide VPN access, then internally RDP (which needs no port forwarding on the firewall).

Let me know how it goes!
0
 
ttornoAuthor Commented:
Thank you guys for all your comments, I originally configured the sonic-wall with the rules for email to pass through.  The other aspects were not mentioned to myself, and I was pulled off the protect.  I will pass the information on to my fellow technicians, and write back with the end results.
0
 
ttornoAuthor Commented:
Once the management ports were changed then the OWA and the Share-point site all came up without having to add the port number on the end of the url.  Thank you everyone.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now