Re: Configuring SBS to allow Remote Access
From: Merv Porter [SBS-MVP] (mwport_at_hotmail.com_no_spam)
Date: 04/18/04
- Next message: J M: "SBS Login Script?"
- Previous message: Peter Cororan: "Re: Installing SBS Server 2000 on a Notebook"
- In reply to: DoomSlayer: "Re: Configuring SBS to allow Remote Access"
- Next in thread: DoomSlayer: "Re: Configuring SBS to allow Remote Access"
- Reply: DoomSlayer: "Re: Configuring SBS to allow Remote Access"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 18 Apr 2004 09:53:12 -0500
Port 80 does not need to be opened just to use RRW. You would be using port
443 for a secure connection (https://fqdn/remote).
Port 80 is the number one attack port for hackers. Since you have
everything on one server (Exchange, company data, user data, etc.) you could
compromising your entire network. It would be much better to have someone
else host your web site or but the web site on a separate server that is
locate in a the DMZ behind your router.
Do you want to host a web site on your SBS...
http://www.sbslinks.com/HOSTING.htm
Another question... do you have SBS 2003 Premium or Standard?
Accessing RWW... I'm assuming you have a static IP address from your ISP and
that you have an MX record and "A" record created by the ISP so that you can
use SMTP for email. When you create the certificate, you can use:
mail.abcdefgh.com
or you can use the static WAN IP of your server (xxx.xxx.xxx.xxx).
Whichever you select, your remote users would have to follow suit when
accessing via RWW: https://mail.abcdefgh.com/remote or
https://xxx.xxx.xxx.xxx/remote
If your are going to take the route of hosting your own web site on your
SBS, you would have your ISP set up an "A" record pointing to your SBS
server and you would use: bob.adgdefgh.com for the certificate. RWW
users would then enter: https://bob.abcdefgh.com/remote or
http://www.abcdefgh.com/remote in their web browser.
You would also need to use port forwarding in your router's setup program to
forward ports to the external NIC on your SBS. (most commonly 443, 444,
4125; and port 80 for http:// traffic, if you host your own web site on your
SBS)
-- Merv Porter [SBS MVP] =================================== "DoomSlayer" <anonymous@discussions.microsoft.com> wrote in message news:088901c42540$a1cf2b60$a101280a@phx.gbl... > Hi Merv > > It would appear from reading the documentation that if we > were to use Remote Web Workplace then we would still need > to have Port 80 opened in which case we might as well > host our own website there. > > Here's something that I can't find out about. > > We have a website example: www.abcdefgh.com hosted with > XYZ. > > We also have ADSL services provided by QWERTY ISP. > > Our SB Server is called BOB and so we created a self > certificate during installation of BOB.abcdefgh.com. > > How do we then setup our SBS Server BOB for Remote Web > Workplace? > > ie. I can't get my head around this. Do we need to add > BOB.abcdefgh.com to DNS servers at our QWERTY ISP? I'm > not too techie when it comes to DNS and I can't find out > what the heck I'm supposed to in any documentation that's > in plain speak and makes sense. > > Thanks for your help so far. > > > >-----Original Message----- > >Is this SBS 2003 Premium or Standard? > > > >The help files in SBS 2003 are a good start. Also... > > > >Host website... this may not be the most secure setup > since all your other > >apps and data will reside on the same domain controller > and port 80 must be > >opened. May be better to have your ISP or another > entity host your web > >site. Then you can update it as needed from behind the > relative safety of > >your SBS. > >http://www.sbslinks.com/HOSTING.htm > > > >Remote Access... if the LAN workstations are WinXP Pro > and only one user is > >assigned to each workstation, Remote Web Workplace will > allow secure remote > >control of the LAN workstation from any point on the > Internet. CEICW (and > >the help files therein) will set this up. Your router > need some ports open > >and/or forwarded: > > > >Table A: Ports that Enable Remote Access to SBS Services > >http://www.winnetmag.com/Files/40832/Table_01.html > > > >Remote Web Workplace - How it works Part 1 > >http://www.sbsfaq.com/news/getArticle.asp? > MessageID=000000001A447390AA6611CD9BC800AA002FC45A0900E049 > B559A334DD479C5D360FB473600B0000000187180000E049B559A334DD > 479C5D360FB473600B0000000249E20000&path=News/ > > > >TechNet Support WebCast: An overview of Microsoft > Windows Small Business > >Server 2003 Remote Web Workplace feature > >http://support.microsoft.com/default.aspx?scid=kb;EN- > US;833983 > > > >Share Point can be published for external users: > >How to publish http://Companyweb to the Internet by > using ISA Server 2000 on > >a server that is running Windows Small Business Server > 2003, Premium Edition > >http://support.microsoft.com/?kbid=838304 > > > >Publishing a SharePoint Site Accessible to External Users > >http://www.microsoft.com/downloads/details.aspx? > FamilyID=B51DCB25-0C63-4561-B981- > 9A3C860B9F15&displaylang=en > > > >-- > >Merv Porter [SBS MVP] > >=================================== > > > >"DoomSlayer" <anonymous@discussions.microsoft.com> wrote > in message > >news:016101c42406$8377b280$a501280a@phx.gbl... > >> This is our current config: > >> > >> SBS2003 > >> Two NIC's installed > >> ADSL Modem/Router on one side connected to one NIC. > >> Internal Network on the other NIC. > >> ONE Static IP with our ISP. > >> Our own domain. > >> > >> We wish to allow Remote Access for various reasons. > >> Access to internal data for some company users. Access > >> to Sharepoint Services Intranet for all company users. > >> Hosting of our own website and access for all internet > >> users. > >> > >> Could someone please explain where to begin? We're not > >> complete tech heads but we understand our RAM from our > >> ROM. :) > > > > > >. > >
- Next message: J M: "SBS Login Script?"
- Previous message: Peter Cororan: "Re: Installing SBS Server 2000 on a Notebook"
- In reply to: DoomSlayer: "Re: Configuring SBS to allow Remote Access"
- Next in thread: DoomSlayer: "Re: Configuring SBS to allow Remote Access"
- Reply: DoomSlayer: "Re: Configuring SBS to allow Remote Access"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
