Re: New RWW annoyance

---

• From: Eriq Neale <eon@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Wed, 08 Jun 2005 15:43:02 GMT

---

Hi CPA.

This means that whatever device is actually answering on the public IP address and routing the requests into your SBS server has its own SSL certificate and is attempting to use that to respond to SSL traffic. This tells me that the device (sounds like a Fortigate product from Fortinet, see www.fortinet.com) is not configured correctly to pass SSL traffice to your SBS server.

HTH...

-Eriq

On 2005-06-08 08:09:02 -0500, =?Utf-8?B?Q1BB?= <CPA@xxxxxxxxxxxxxxxxxxxxxxxxx> said:

Hi,

I have already run the wizard several times. There's something wrong with the certificate.

I'm using an external IP to connect RWW. I put thatin the Web Server Certificate when I run the wizard.

When I connect RWW internally and check the certificate it's ok, and RWW works fine, but when I connect from outside I see a completely different certificate! :

Issued by Fortinet, with completely different dates.

What is this ?!

If I press Yes at the warning page I get the error 400 - bad request page.

""Brandy Nee [MSFT]"" ×?ת×?:

Hello,
Thank you for posting back.
From your latest reply, I am glad to hear that the issue was resolved by reinstalling IIS. Your new issue is cannot access RWW from the Internet and the error is related to certificate. In order to resolve this issue, you need to rerun CEICW to publish the RWW. To do so, please see:

1. Log in the server as Administrator.

2. Expand Server Management\Standard Management\To Do List.

3. Click the "Connect to the Internet" link.
4. Choose the correct connect type and configure your network. You can choose Do not change connection type if you have correctly configured it before.
5. Proceed to the Firewall page, select "Enable firewall" and click Next.
6. Proceed to Services Configuration page, select all the items and then click Next.
7. In the Web Services Configuration page, make sure that "Allow access to the entire Web site from the Internet" is selected. If you select "Allow access to only the following Web site services from the internet", make sure both of the "Outlook Web Access" and "Remote Web Workplace" items are selected. Click OK.
8. On the "Web Server Certificate" page, choose to create a new Web server certificate and then type the public FQDN that you will use to access OWA (for example, if your public FQDN that you use to access the sites is mail.domain.com, you should type mail.domain.com as the new certificate name). If you already requested a certificate with the name "mail.domain.com" from a third party CA, you can choose "Use a Web server certificate from a trusted authority" and then import the certificate.

9. Go through the remaining steps. The wizard will automatically configure the SBS 2003 Basic Firewall to securely publish the two sites.

10. If you have a router or hardware firewall, configure it to forward inbound traffic on TCP port 80 and 443 to the SBS server's external address.

11. Test whether you can log on RWW by typing https://mail.domain.com/remote.

How to configure Internet access in Windows Small Business Server 2003
http://support.microsoft.com/?id=825763
For more information on your issue, please see the following KB article:
842612 You receive a "403 Forbidden" message when you try to connect to a Web
http://support.microsoft.com/?id=842612
I am greatly appreciated your time. If anything unclear, please let me know. I am looking forward to hearing from you!
Best regards,

Brandy Nee

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

--
Eriq Neale - MCSE, MCSA Messaging, MCP Small/Medium Business, Mac Guru
EON Consulting - www.eonconsulting.net
Need additional IT insight? E-mail "support at eonconsulting dot net"

.

---

• References:
  • RE: New RWW annoyance
    • From: CPA

• Prev by Date: invitations
• Next by Date: RE: My Documents Folder Redirection - not occuring
• Previous by thread: RE: New RWW annoyance
• Next by thread: RE: New RWW annoyance
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Outlook RPC over HTTp deosnt work ... is that the *exact* name you gave your certificate? ... You must do this via the 'connect to the internet' wizard. ... You can see it from the server by ... On the SBS server, verify if it trusts the certificate: ... (microsoft.public.windows.server.sbs) Re: CEICW settings ... Microsoft CSS Online Newsgroup Support ... First of all, no matter what you use in Web Server Certificate (IP, ... (microsoft.public.windows.server.sbs) Re: CEICW settings ... First of all, no matter what you use in Web Server Certificate (IP, Pubilc ... Since you've just run the CEICW, the certificate date will be OK. ... View Certificate -> Install it to Trusted Root Certification Authorities. ... (microsoft.public.windows.server.sbs) Re: CEICW settings ... Now I think I see that you are really saying that there are more criteria to ... First of all, no matter what you use in Web Server Certificate (IP, Pubilc ... Since you've just run the CEICW, the certificate date will be OK. ... (microsoft.public.windows.server.sbs) Re: Mobile Access to Exchange ... address and received the external certificate which then matched the url. ... I receive an error "Your account in Microsoft Exchange Server does not have ... SBS server running ISA2004, and also using OWA and exchange over http. ... 825763 How to configure Internet access in Windows Small Business Server ... (microsoft.public.windows.server.sbs)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.sbs  > 2005-06