Re: Problem with RWW, can list computers/servers, cannot get logge
- From: "Frank McCallister SBS MVP" <anonymous>
- Date: Tue, 2 Aug 2005 21:39:34 -0500
See if this helps
http://support.microsoft.com/default.aspx?scid=kb;EN-US;886209
--
Frank McCallister SBS MVP
COMPUMAC
"Carl" <Carl@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:E5A998B2-E4DA-4541-92F3-ABC7EB3E4A71@xxxxxxxxxxxxxxxx
> Thanks for the response.
>
> When I login from outside using dialup, I am using https://FQDN/remote.
> I believe I have the certificate address handled correctly, but am not
> 100%
> on that one. I thought I must have it "right" since I could use all of the
> other RWW functionality including admining the companyweb. (?)
>
> When I browse to that FQDN and the certificate is presented for approval,
> the FQDN that I input in the browser over dial up matches the FQDN name on
> the cert. The cert goes to xxxx.yyyy.com, not xxxx.yyyy.local, which I
> believe is correct. (?)
>
> In ISA 2004, the "SBS Web Listener" (which is used by the OWA, RWW and
> OMA
> web publishing rules) is using the same xxxx.yyyy.com certificate to
> authenticate.
>
> When I look at the certificates on the ISA computer in the folder:
> Certificates (Local Computer) / Personal / Certificates, there are three
> certs. One is the FQDN. For purposes of discussion the FQDN is
> xxxx.yyyy.com.
> Based on that premise, the three certs are named as follows:
>
> Name Intended purpose
> ---------------- --------------------
> yyyy All
> publishing.yyyy.local Server auth
> xxxx.yyyy.com Server auth
>
> Thanks for the input.
>
> Sincerely,
> Carl
>
> "Frank McCallister SBS MVP" wrote:
>
>> Hi Carl
>>
>> When you login from outside using dialup are you logging in using
>> Https://Ip/remote or Https://FQDN/remote ? When you ran CEICW AFTER
>> installing ISA 2004 did you install the certificate for the same address?
>>
>> --
>> Frank McCallister SBS MVP
>> COMPUMAC
>> "Carl" <Carl@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:E5F2D441-817D-4385-9D07-9631816FCA7E@xxxxxxxxxxxxxxxx
>> > Server01: SBS Premium/ISA 2004 with product fully installed and all
>> > service
>> > packs and updates current
>> > Server02: Server 2003 with all SP and updates current
>> > Workstation 01: WinXP Pro SP2 and updates current
>> > Internet access: via Cable modem to Linksys WRT54G
>> >
>> > WRT54G: WanIP set by isp, LanIP set to 192.168.30.1; PPTP and IPSec on
>> > passthru; forwarding 1723,443,444,3389 and 4125 to 192.168.30.10
>> >
>> > Server01 has two adapters: WanAdapter 192.168.30.10 with only tcpip
>> > enabled,
>> > dns to LanAdapter's IP; LanAdapter 192.168.20.100 with
>> > tcpip/client/file
>> > and
>> > printer sharing enabled; verified Advanced Setting re: binding Lan 1st,
>> > Wan
>> > 2nd (shows remote connections 3rd??)
>> >
>> > When I say "outside the network" I mean accessing the network via a
>> > separate
>> > fourth computer (WinXP Pro SP2) using dialup via a different ISP than
>> > the
>> > one
>> > to which the network in connected.
>> >
>> > I can use all of RWW on the intranet, but not (all of RWW) from the
>> > outside
>> > network. I can connect to all 3 computers, one to the other via RWW,
>> > from
>> > inside the network.
>> >
>> > From outside the network I successfully connect via www address and get
>> > RWW
>> > login, login succeeds and everything works, including showing the list
>> > of
>> > computers and/or servers (depending who I login as and what
>> > permissions,
>> > servers for admin's only) BUT, once I select a computer to connect to I
>> > get
>> > one of two errors at the remote desktop, both start with "VBScript:
>> > Remote
>> > Desktop Disconnected".
>> >
>> > Error One: The client could not establis a connection to the remote
>> > computer. The most likely causes for this error are:
>> > And then is lists remote connections enabled, max. number of
>> > connections, network error, RWW port blocked by firewall
>> > Error Two: The client could not connect to the remote computer. Remote
>> > connection might not be enabled or the computer might be too bust to
>> > accept
>> > new connections. It is also possible that network problems are
>> > preventing
>> > your connection. Please try connecting again later. If the problem
>> > continues
>> > to occur, contact your system administrator.
>> >
>> > I can VPN and Remote Desktop all three computers from outside the
>> > network.
>> >
>> > Other things I have checked/done:
>> > 1. Disabled the firewall in the Linksys, let all traffic through
>> > 2. Upped connection limits in ISA from 40 to 160 as per MS Q555368
>> > 3. Even turned off connection limits in ISA General...
>> > 4. Verified User permission to the Remote Desktop on all three
>> > computers.
>> > 5. A complete scratch reinstall of SBS and got back to the same issue.
>> > 6. Monitored and reviewed the ISA logs interactively and reviewed the
>> > log
>> > files for errors. The only denial I see, is 2 sets of IGMP packets that
>> > come
>> > from the Lan side of the Linksys/router (192.168.30.1) and are going to
>> > 224.0.0.1/224.0.0.2. A bit of the log follows: (sorry for the
>> > wrapping....)
>> > Just a little discussion more below the log.
>> >
>> > computer date time IP protocol source destination orig client
>> > IP source network destin network action status rule application
>> > protocol bidirectional bytes sent bytes sent intermediate bytes
>> > received bytes received intermediate connection time connection time
>> > intermediate source proxy destination proxy source name destination
>> > name username agent session ID connection ID interface IP header
>> > protocol
>> > payload
>> >
>> >
>> > RXISBS 2005-08-02 19:00:30 IGMP 192.168.30.1 224.0.0.1 192.168.30.1
>> > External Local
>> > Host Denied 0xc004000d Default rule Unidentified IP
>> > Traffic N 0 0 0 0 - - - - - - - - 0 0 - - -
>> >
>> > RXISBS 2005-08-02 19:00:37 IGMP 192.168.30.1 224.0.0.2 192.168.30.1
>> > External Local
>> > Host Denied 0xc004000d Default rule Unidentified IP
>> > Traffic N 0 0 0 0 - - - - - - - - 0 0 - - -
>> >
>> > RXISBS 2005-08-02 19:02:17 TCP 192.168.20.23:1030 192.168.20.100:445
>> > 192.168.20.23 Internal Local
>> > Host Intermediate 0x0 Allow access from trusted computers to the
>> > Firewall
>> > Client installation share on ISA Server Microsoft CIFS
>> > (TCP) Y 46561 744 33552 983 5400188 900079 - - - - - - 15 73 - - -
>> >
>> > RXISBS 2005-08-02 19:02:35 IGMP 192.168.30.1 224.0.0.1 192.168.30.1
>> > External Local
>> > Host Denied 0xc004000d Default rule Unidentified IP
>> > Traffic N 0 0 0 0 - - - - - - - - 0 0 - - -
>> >
>> > RXISBS 2005-08-02 19:02:35 IGMP 192.168.30.1 224.0.0.2 192.168.30.1
>> > External Local
>> > Host Denied 0xc004000d Default rule Unidentified IP
>> > Traffic N 0 0 0 0 - - - - - - - - 0 0 - - -
>> >
>> > I have read tons of posts and searched the web on this issue and would
>> > welcome any suggestions for trouble shooting. It sure appears the 4125
>> > and
>> > 3389 ports are open as they generate log activity in ISA.
>> >
>> > Thanks for taking the time to read my post.
>> >
>> > Carl
>>
>>
>>
.
- Follow-Ups:
- References:
- Problem with RWW, can list computers/servers, cannot get logged in
- From: Carl
- Re: Problem with RWW, can list computers/servers, cannot get logged in
- From: Frank McCallister SBS MVP
- Re: Problem with RWW, can list computers/servers, cannot get logge
- From: Carl
- Problem with RWW, can list computers/servers, cannot get logged in
- Prev by Date: Re: Estimated time to upgrade
- Next by Date: Re: Estimated time to upgrade
- Previous by thread: Re: Problem with RWW, can list computers/servers, cannot get logge
- Next by thread: Re: Problem with RWW, can list computers/servers, cannot get logge
- Index(es):
Relevant Pages
|
