Re: Cannot connect externally, but no problem internally

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: David Barnes (david_at_nospam-bitsolve.com)
Date: 10/08/04 

Date: Fri, 8 Oct 2004 20:06:18 +0100

Guys (MVP's)...
we need a quick answer here
Can SBS publish RWW and OWA via a router to the internet when it only has
one NIC?
Something is nagging at the back of my mind that there is a problem with the
certificate.

Ken,

Ok simple one first..
You are connecting to https://xxxxx.dyndns.biz/remote or
https://xxxxx.dyndns.biz/exchange
and NOT http://xxxxx.dyndns.biz/ or https://xxxxx.dyndns.biz/

I have noticed that one of the recent updates to SBS seems to have turned
off the default web page. (see http://www.sbslinks.com/patch.htm for patch
list[posting curtsey of Susan Bradley - http://msmvps.com/bradley/]).. there
are more (eg ISA SP1)..

Two approaches..
1/ most routers have the UPnP functionality disabled by default and this has
to be enabled in the GUI.
My guess is that you have turned this on though.

2/ from outside your org, try telnet xxxxx.dyndns.biz 443 and telnet
xxxxx.dyndns.biz 80
These should at least connect..
Whilst they are connected check on the server what sessions are connected
(netstat -n) You will have to get in quick before your telnet session
times-out..
You should see the source IP of your client that has telneted in.. if not,
then my guess is the HTTP and HTTPS are being received/interpreted further
up the line at the router.
Some routers I have come across (can't remember make) would not let port 80
and 443 through when the web admin was configured for those ports, even
though access to it was disabled from the internet. I had to move this to
8080 and 448 to let the port mapping work.
Check your servers route table (netstat -r or route print) verify that there
is ONLY ONE default gateway.. This will be the line dest 0.0.0.0 netmask
0.0.0.0 gateway x.x.x.x
Is the gateway specified there the correct ip address for the internal
interface on your router?

On a client add the following to the hosts. file (in
c:\windows\system32\drivers\etc) [use notepad to edit it]

internal-IP-address-of-server xxxxx.dyndns.biz

eg
192.168.1.10 xxxxx.dyndns.biz

Save the file, but leave notepad open..
test resolution is ok.. ping xxxxx.dyndns.biz should ping the internal IP
address of your server
now try https://xxxxx.dyndns.biz/exchange and
https://xxxxx.dyndns.biz/remote
they should work.. if they don't the issue lies inside SBS not with the
router..

David Barnes

"Chico" <Chico@discussions.microsoft.com> wrote in message
news:181AD855-9086-4178-BA33-266B1165CCDA@microsoft.com...
> thanks for the response, but when i tried that i got the exact same error
> when CEICW tries to configure the router. I resorted to manually entering
> the ports on the router, but still no remote or exchange connections
> externally. I can ping my xxxxx.dyndns.biz address and it comes up with
> my
> wan ip on the router so i know that that is working, it just does not seem
> to
> let me through. Any other suggestions. THanks.
>
> Ken
>
> "David Barnes" wrote:
>
>> I've found UPnP configuration of routers fails if you have an admin
>> password
>> set on the router.
>> Remove the password, run CEICW and then put the password back on your
>> router.
>>
>> David Barnes
>>
>> "Chico" <Chico@discussions.microsoft.com> wrote in message
>> news:B39045A8-284D-45C2-B866-ED65C7FE2F8E@microsoft.com...
>> > SBS 2003 standard
>> > 1 nic
>> > cable internet connection
>> > Belkin router/firewall
>> > Upnp enabled
>> > Dynamic dns service
>> >
>> > no problem conecting either RWW or OWA internally, but cannot connect
>> > externally. When i run CEICW and it asks to configure the router via
>> > Upnp
>> > (it is enabled on the router) I say yes, and then it gives an error
>> > saying
>> > it
>> > cannot configure...do it manually. So I manually entered all the
>> > various
>> > ports that have been mentioned in numerous posts, and I still cannot
>> > connect.
>> > Any ideas on where to go fomr here? Thanks.
>>
>>
>>

Relevant Pages

  • Re: Urgent! New router and big disaster
    ... I checked the router, I am running a laptop off of it so I can post. ... Les Connor [SBS Community Member - SBS MVP] ... make sure the DHCP Client Service is running on the server. ... First Page of the Internet Connection Wizard, ...
    (microsoft.public.windows.server.sbs)
  • Re: RWW interal not external
    ... If all things work internally, but not externally, then it's either a router ... Les Connor [SBS Community Member - SBS MVP] ... > I have set the port forwarding on the router as best I can. ... > Outlook via the Internet ...
    (microsoft.public.windows.server.sbs)
  • Re: Best way to connect via wireless in new SBS install?
    ... (192.168.16.x - your SBS DHCP scope). ... will get internet access through the SBS. ... wireless-capable router for that purpose. ...
    (microsoft.public.windows.server.sbs)
  • Re: Urgent! New router and big disaster
    ... Merv Porter [SBS MVP] ... dish that I have currently plugged into the router. ... IP it means that your problem is now DNS. ... I should have been more clear about internet connection.. ...
    (microsoft.public.windows.server.sbs)
  • Re: ISA Help Needed
    ... If you have no more ports on the router ... Connect the external nic of the SBS to this hub/switch, ... >internet connectivity same as the other boxes. ... They'll get their network settings from ...
    (microsoft.public.windows.server.sbs)