Re: One Post to Sum It All Up

From: Kevin D. Goodknecht Sr. [MVP] (admin_at_nospam.WFTX.US)
Date: 12/20/04


Date: Mon, 20 Dec 2004 12:46:23 -0600

In news:1CED545C-0D5C-40C7-8AF2-A54DE101241C@microsoft.com,
Bryan <Bryan@discussions.microsoft.com> commented
Then Kevin replied below:
> One Post to Sum it All Up
>
> I am going to consolidate my problems into this post to
> try and see if anyone can help me with my problems, maybe
> they are related?
>
> 1) DNS
> I am not sure I have my DNS configured correctly. I
> have a DNS server in the Perimeter Network that is my
> authoritative DNS for conseptsolutions.com. Currently its
> IP is set to 192.168.0.2. I have 2 public IPs from my
> provider, both are assigned to the external interface of
> the ISA Firewall. I also have a DNS server in the
> Internal Segment which is my Active Directory
> Controller/Exchange 2003 server. Currently my DNS records
> are set up as follows:
>
> CONSOLNS01-External Auth. DNS
> (consolns01.conseptsolutions.com)
> Same As Parent NS ns1.conseptsolutions.com
> Same As Parent NS ns2.conseptsolutions.com
> Same As Parent A 70.182.188.196
> Same As Parent MX consolsrv01.conseptsolutions.com
> ns1 A 70.182.188.196
> ns2 A 70.182.188.196
> www A 70.182.188.197
> consolsrv01 A 70.182.188.196
>
> CONSOLSRV01-Internal AD DNS
> (consolsrv01.conseptsolutions.com)
> Same As Parent NS consolsrv01.conseptsolutions.com
> Same As Parent A 10.0.0.2
> consolsrv01 A 10.0.0.2
> webserver A 192.168.0.2
> www CNAME webserver.conseptsolutions.com
> wpad CNAME consolisa01.conseptsolutions.com
> consollap01 A 192.168.1.100 (internal lan client laptop)
>
> I would really appreciate any help in getting my DNS
> settings correct.
>
> 2) Remote Desktop / Terminal Services
> I have followed the guide on isaserver.org entitled
> "Publishing Terminal Servers with ISA Firewalls (2004)
> v1.1" to enable access to my servers from an external
> source. I have assigned three ports to the publishing
> rules, 9999, 9998, & 9997. I can remote my ISA Firewall
> via the external IP:port however, when I am at a remote
> location and try to remote either of the
> internal/perimeter servers via external IP:port, I
> receive an error message stating the remote machines
> cannot be contacted, network problems may be preventing
> you from accessing these resources, ensure remote
> administration is enabled, etc. I can remote to the ISA
> Firewall and then bring up a remote desktop connection to
> either 192.168.0.2 or 10.0.0.2 and gain access to the
> servers. I do not even see anything on the logs when I
> try and remote to the internal/perimeter servers? I also
> noticed that I cannot log into the domain on the
> Perimeter server while I am remoted into it. I can log
> into the domain without problems if I was sitting at the
> server locally. Any suggestions?
>
> 3) OWA / Email -- Biggest Problem, want to try and get it
> working!!!
> As the network is configured right now, I can send and
> receive email from Outlook 2003 on my laptop. I am trying
> to get Outlook Web Access (OWA) configured correctly, and
> believe that my DNS settings may be causing problems, but
> am not 100% sure on that. I can access OWA from my AD server
> using the web address
> https://consolsrv01.conseptsolutions.com/exchange I am
> prompted with the certificate warning and a credentials
> box is displayed. I type in my credentials for the domain
> and I am brought right into OWA. I am not sure if this is
> how it is supposed to work from inside the domain, or if
> that is the correct address (a simple CNAME or A record
> might fix that for internal requests).
> What I am having mucho troubles with is the external
> access to OWA. I have issued certificates to the Exchange
> 2003 server and also imported the certificate/public key
> to the ISA Firewall as described in an article from
> msexchange.org. I would really like to get OWA configured
> properly.
> Main questions being, the certificate is issued with a
> common name: owa.conseptsoltuions.com How/what type of DNS
> entry is required for this to work and what type of
> publishing rule (can I use the publishing wizard with OWA
> option) for this to work. The guide says to use FBA,
> which I have chosen.
>
> These are my remaining problems and would be grateful to
> anyone who could help me resolve them. Really summing it
> up, OWA is my biggest concern. I want that to be up and
> running. I can manage with the Remote Desktop for now and
> play around with some settings. Thanks in advance, and
> please don't hesitate to ask any questions. I apologize
> for the lengthy post.

This is not a DNS issue, the problem is your certificate. It works but it is
only going to be a trusted certificate for users who have installed your
certificate services as a trusted root certificate. You can purchase a
certificate for your server from a published CA or publish your own CA
certificate services, in which case to alleviate the warning your users will
need to install your CA server certificate as a trusted root.
You can also set your CA up as a subordinate CA for an already published CA
that has root certificates already installed with most browsers. You might
contact your registrar for these certificates.

-- 
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
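
The trust behaviour described in the reply above, as an added example that is not part of the original thread: a certificate issued by a private CA validates only on a client that has that CA's root installed. The script builds a throwaway root and server certificate with openssl and also checks the requested host name against the certificate's common name; `owa.example.test` and `consolsrv01.example.test` are constructed stand-ins, not the poster's real hosts.

```shell
#!/bin/sh
# Added example; every name and certificate here is constructed.

# Build a throwaway private root CA and a server certificate in directory $1.
make_private_pki() {
    dir=$1
    cat > "$dir/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Constructed Private Root CA
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF
    # Self-signed root, standing in for an in-house certificate services root.
    openssl req -x509 -config "$dir/pki.cnf" -newkey rsa:2048 -nodes -days 2 \
        -keyout "$dir/ca.key" -out "$dir/ca.pem" 2>/dev/null || return 1
    # Key and signing request for the published web-mail name.
    openssl req -new -config "$dir/pki.cnf" -subj "/CN=owa.example.test" \
        -newkey rsa:2048 -nodes -keyout "$dir/srv.key" -out "$dir/srv.csr" \
        2>/dev/null || return 1
    # The private root signs the server certificate.
    openssl x509 -req -in "$dir/srv.csr" -CA "$dir/ca.pem" -CAkey "$dir/ca.key" \
        -CAcreateserial -days 2 -out "$dir/srv.pem" 2>/dev/null
}

# Exit 0 only if $1/srv.pem chains to a trusted root and names host $3.
# $2 is an extra root file the client has installed; empty = default store only.
client_trusts() {
    if [ -n "$2" ]; then
        openssl verify -CAfile "$2" -verify_hostname "$3" "$1/srv.pem" >/dev/null 2>&1
    else
        openssl verify -verify_hostname "$3" "$1/srv.pem" >/dev/null 2>&1
    fi
}

report() { # $1 = label, remaining args passed to client_trusts
    label=$1; shift
    if client_trusts "$@"; then echo "$label: trusted"; else echo "$label: warning"; fi
}

work=$(mktemp -d) && make_private_pki "$work" && {
    report "root not installed" "$work" "" owa.example.test
    report "root installed" "$work" "$work/ca.pem" owa.example.test
    report "root installed, other host name" "$work" "$work/ca.pem" consolsrv01.example.test
    rm -rf "$work"
}
```

Only the second case validates: installing the root clears the trust failure, and the name the client connects to must still be the one the certificate was issued for.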

