Re: RWW VPN security problem ?

From: Marina Roos [SBS-MVP] (marina_at_roos.nodontwantspam.nl.com)
Date: 08/31/04

Next message: Marina Roos [SBS-MVP]: "Re: OWA does not load up, 'Loading' stays on screen"
Previous message: Marina Roos [SBS-MVP]: "Re: RWW VPN security problem ?"
In reply to: Paul Proefrock: "Re: RWW VPN security problem ?"
Next in thread: Mario: "Re: RWW VPN security problem ?"
Messages sorted by: [ date ] [ thread ]

Date: Tue, 31 Aug 2004 03:47:15 +0200

Hi Paul,

Go ahead. But I don't think there will be much difference in the first part.
Most POP3 mail is hosted by the ISP, and I think we could use some of that
for the site. Send it over and I will let you know.

Thanks.

-- 
Regards,
Marina
Microsoft SBS-MVP
"Paul Proefrock" <proefrock@NO_heartlandgroup_JUNKMAIL.com> schreef in
bericht news:uEPLsxujEHA.704@TK2MSFTNGP10.phx.gbl...
> Marina,
> I suspect there are a lot of companies like ours that are using SBS 2003
> with PoP 3 mail, hosted sites and small, inexpensive routers (Linksys,
> D-Link, NetGear). If it will help any other potential users, I'd be happy
to
> model my system and settings, much like is on the smallbizserver.net site.
> It could be "Two Nics, a static IP address, No ISA, Std SBS with ISP
hosted
> site - POP3 mail" Perhaps there is a shorter title but I bet there are a
> bunch out there like me.
>
> If it would be of value, I'll do the page modeling and send it your way
for
> proofing?
>
> Paul P
>
>
> "Marina Roos [SBS-MVP]" <marina@roos.nodontwantspam.nl.com> wrote in
message
> news:uDo12VsjEHA.384@TK2MSFTNGP10.phx.gbl...
> > Hi Paul,
> >
> > The https://IP:444/ issues the certificate (which is not right, because
> > the
> > certificate is pointing to FQDN in stead of your IP and after accepting
> > that
> > certificate I do get a login screen.
> >
> > I have tried to login as administrator about 2 hours ago, so you should
> > see
> > a message in the securitylog about that.
> >
> > https://FQDN:444 does not work because there is no dns record created by
> > your ISP).
> >
> > You should rerun the CEICW wizard and change the web certificate to your
> > public IP .
> >
> >
> > The fact that you get to https://ip:444/ without getting the
loginscreen,
> > must be due to the fact that you are already logged into the domain or
> > that
> > login is still cached. So no worries about it, just rerun CEICW and
change
> > the certificate.
> > You will also need to open port 4125 from your router to your external
nic
> > IP, if you want to enable RWW from the internet.
> >
> >
> > -- 
> > Regards,
> >
> > Marina
> > Microsoft SBS-MVP
> >
> > "Marina Roos [SBS-MVP]" <marina@roos.nodontwantspam.nl.com> schreef in
> > bericht news:u6sVFRmjEHA.1652@TK2MSFTNGP09.phx.gbl...
> >> Hi Paul,
> >>
> >> Don't know what happened to that reply, but you did reach me: this was
> > your
> >> message:
> >>
> >>
> >>
> >> Marina,
> >> Thanks for your offer of help. I wanted to make sure I interpreted the
> > email
> >> address correctly before I started emailing IP addresses.
> >>
> >> Is this the correct contact point?
> >>
> >> Paul Proefrock
> >>
> >>
> >>
> >>
> >> -- 
> >> Regards,
> >>
> >> Marina
> >> Microsoft SBS-MVP
> >>
> >> "Paul Proefrock" <proefrock@NO_heartlandgroup_JUNKMAIL.com> schreef in
> >> bericht news:OIZkGdjjEHA.2340@TK2MSFTNGP11.phx.gbl...
> >> > Marina,
> >> > Your reply email has not arrived. Just making sure I have the right
> > email
> >> > address. Don't want to knowingly send out an IP address with a known
> >> > security problem.
> >> >
> >> >
> >> > Paul P
> >> >
> >> >
> >> > "Marina Roos [SBS-MVP]" <marina@roos.nodontwantspam.nl.com> wrote in
> >> message
> >> > news:u1g3r3ijEHA.3348@TK2MSFTNGP12.phx.gbl...
> >> > > Hi Paul,
> >> > >
> >> > > Received and replied.
> >> > >
> >> > > -- 
> >> > > Regards,
> >> > >
> >> > > Marina
> >> > > Microsoft SBS-MVP
> >> > >
> >> > > "Paul Proefrock" <proefrock@NO_heartlandgroup_JUNKMAIL.com> schreef
> >> > > in
> >> > > bericht news:uWhimmijEHA.3988@tk2msftngp13.phx.gbl...
> >> > >> Marina,
> >> > >> Sent you a personal email, checking if I interpreted email address
> >> > >> correctly. Please let me know and I'll fire off IP address
> >> > >>
> >> > >> Thanks
> >> > >>
> >> > >> Paul P
> >> > >>
> >> > >>
> >> > >> "Marina Roos [SBS-MVP]" <marina@roos.nodontwantspam.nl.com> wrote
in
> >> > > message
> >> > >> news:uTe9cUcjEHA.2500@TK2MSFTNGP15.phx.gbl...
> >> > >> > Hi Paul,
> >> > >> >
> >> > >> > And how does the certificate look like? Is it pointing to your
> > public
> >> > >> > IP
> >> > >> > or
> >> > >> > to your FQDN? Would you mind to give me your IP (email to me
> >> privately
> >> > > and
> >> > >> > take out the nospam part between the dots)?
> >> > >> >
> >> > >> > -- 
> >> > >> > Regards,
> >> > >> >
> >> > >> > Marina
> >> > >> > Microsoft SBS-MVP
> >> > >> >
> >> > >> > "Paul Proefrock" <proefrock@NO_heartlandgroup_JUNKMAIL.com>
> >> > >> > schreef
> >> in
> >> > >> > bericht news:uQJ2VMXjEHA.1312@tk2msftngp13.phx.gbl...
> >> > >> >> Marina,
> >> > >> >> Since your post, I have had multiple reboots so I am confident
> > there
> >> > >> >> is
> >> > >> >> nothing in the cache. Opened Explorer, fresh. enter
> >> > >> >> https://IPaddress:444.
> >> > >> >>
> >> > >> >> The machine presents the security pop-up that says the site has
a
> >> bad
> >> > >> >> security certificate. I click yes and "mycompanyweb" opens, No
> > Login
> >> > >> > screen
> >> > >> >>
> >> > >> >> Paul
> >> > >> >>
> >> > >> >>
> >> > >> >> "Marina Roos [SBS-MVP]" <marina@roos.nodontwantspam.nl.com>
wrote
> > in
> >> > >> > message
> >> > >> >> news:u3jL6kKjEHA.3608@TK2MSFTNGP09.phx.gbl...
> >> > >> >> > Hi Paul,
> >> > >> >> >
> >> > >> >> > If you close all internet explorer windows, then start IE
again
> >> with
> >> > >> >> > the
> >> > >> >> > https://ip:444, do you get the login screen?
> >> > >> >> >
> >> > >> >> > -- 
> >> > >> >> > Regards,
> >> > >> >> >
> >> > >> >> > Marina
> >> > >> >> > Microsoft SBS-MVP
> >> > >> >> >
> >> > >> >> > "Paul Proefrock" <proefrock@NO_heartlandgroup_JUNKMAIL.com>
> >> schreef
> >> > > in
> >> > >> >> > bericht news:uWIWJgKjEHA.3896@TK2MSFTNGP10.phx.gbl...
> >> > >> >> >> Standard
> >> > >> >> >> all options except web server
> >> > >> >> >>
> >> > >> >> >> Paul P
> >> > >> >> >>
> >> > >> >> >> "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]"
> >> > >> >> >> <sbradcpa@pacbell.net>
> >> > >> >> >> wrote in message
news:u3R4PE$iEHA.2544@TK2MSFTNGP10.phx.gbl...
> >> > >> >> >> > ISA server or Standard?  What options did you select when
> >> running
> >> > >> >> >> > the
> >> > >> >> >> > wizard?
> >> > >> >> >> >
> >> > >> >> >> > Paul Proefrock wrote:
> >> > >> >> >> >> In setting up my system and remote users, I have found a
> >> > > situation
> >> > >> >> >> >> that
> >> > >> >> >> >> alarms me.  I don't know if it is due to something I have
> > done
> >> > >> >> >> >> or
> >> > >> >> >> >> if
> >> > >> >> >> >> it
> >> > >> >> >> >> is a bug in SBS2003.
> >> > >> >> >> >>
> >> > >> >> >> >> If I connect to my server from a remote box, using
> >> > >> >> >> >> https://IPaddress/remote, I get the login screen
requesting
> >> user
> >> > >> > name
> >> > >> >> > and
> >> > >> >> >> >> password. Enter it and everything connects and works as
it
> >> > > should.
> >> > >> >> >> >>
> >> > >> >> >> >> If I connect using https://IPaddress:444, it zips right
on
> >> thru,
> >> > >> >> >> >> bypassing the security screens. It opens my company
> >> > >> >> >> >> webpage!
> >> > >> >> >> >>
> >> > >> >> >> >> We are using SBS2003/SP1 behind a Linksys Router. I am
> >> > >> >> >> >> using
> >> the
> >> > >> >> >> >> actual
> >> > >> >> >> >> IP address. If I use the FQDN, it doesn't connect
> >> > >> >> >> >>
> >> > >> >> >> >> Is this normal? what is to keep anyone out of a site
> >> > >> >> >> >> enabled
> >> for
> >> > >> >> >> >> remote
> >> > >> >> >> >> sharepoint access?
> >> > >> >> >> >>
> >> > >> >> >> >> Paul P
> >> > >> >> >> >
> >> > >> >> >> > -- 
> >> > >> >> >> > http://www.sbslinks.com/really.htm
> >> > >> >> >>
> >> > >> >> >>
> >> > >> >> >
> >> > >> >> >
> >> > >> >>
> >> > >> >>
> >> > >> >
> >> > >> >
> >> > >>
> >> > >>
> >> > >
> >> > >
> >> >
> >> >
> >>
> >>
> >
> >
>
>

Next message: Marina Roos [SBS-MVP]: "Re: OWA does not load up, 'Loading' stays on screen"
Previous message: Marina Roos [SBS-MVP]: "Re: RWW VPN security problem ?"
In reply to: Paul Proefrock: "Re: RWW VPN security problem ?"
Next in thread: Mario: "Re: RWW VPN security problem ?"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: RWW VPN security problem ?
... > You say to change web certificate to our public IP. ... >> Hi Paul, ... >> certificate I do get a login screen. ...
(microsoft.public.windows.server.sbs)
RE: TripleDES Key Management
... Hi Paul, ... If you can, use the machine store. ... >encrypt/decrypt my uid/pswrd for SQL Server. ... >an ISP that hosts .NET applications. ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: VPN from Server to Client?
... > The client and server both are behind Linksys Routers. ...
(microsoft.public.windows.server.sbs)
Re: dial-up "response"
... Paul E. Schoen wrote: ... short 100-300mSec burst or bursts incoming followed by 1-20sec no data transfer; repeats until line drops out for no apparent reason. ... Probably a noisy phone line on your end, or a bad modem or other problem at your ISP. ... I changed modem drivers as suggested by my ISP to no avai; a different OS not previously used for online work also had same problems. ...
(sci.electronics.design)
Re: Cant send Email using DNS
... I really suspect the ISP has ... "Frank McCallister" schreef in bericht ... > Hi Marina ... > It wasn't a matter of ping not being returned, it was a matter of ping and ...
(microsoft.public.windows.server.sbs)