RE: Changing OWA SSL port
- From: v-natliu@xxxxxxxxxxxxxxxxxxxx ("Nathan Liu [MSFT]")
- Date: Fri, 09 Sep 2005 04:58:59 GMT
Hello Walt,
Thank you for posting in the SBS newsgroup.
According to your description, I understand that you would like to change
the OWA's SSL port on the SBS 2003 Server. If I have misunderstood the
problem, please don't hesitate to let me know.
Before we go further, please re-try to contact your ISP to allow the
network traffic through these ports under port 1024, since there are many
connections that access to the SBS 2003 Server through these ports under
port 1024.
For example:
------------
Port 21 enable external and internal file transfer
Port 25 enable incoming and outgoing SMTP mail
Port 80 (http://) enables all non-secure browser access, including:
internal access to IIS Webs including the company Web, Windows SharePoint
Web, Windows SharePoint administration Web, and server monitoring and usage
reports Enables internal access to Exchange by OWA and OMA clients
Port 110 enables Exchange to accept incoming POP3 mail
Port 123 (UDP port) enables the system to synchronize time with an
external Network Time Protocol (NTP) server
Port 143 enables Exchange to accept incoming IMAP4-compliant messages
Port 220 enables Exchange to accept incoming IMAP3-compliant messages
Port 443 (https://) enable all secure browser access, including
external access to Exchange for Outlook 2003, OWA, and OMA clients;
required for external access to server monitoring and usage reports
Port 444 enable internal and external access to the SharePoint Web
Port 500 enables external VPN connections by using IPSec
Additionally, consider your current condition, as I know, the default web
site in SBS 2003 is listening on port 80 and the SSL port 443. You now
would like to change the port from 443 to other ports that upon the 1024
port (e.g. 7734), and I think you should be able to access OWA using port
80 from internal, for example, http://servername/exchange. You do not need
to use the port 7734 in the URL to access OWA from Internet. To publish OWA
to the Internet, you can just follow the steps below:
1. On the SBS 2003 Server open the Server Management console. Go to
Standard Management\To Do List.
2. Click the "Connect to the Internet" link.
3. Choose not to change the connection type and click Next. On the Firewall
page, select "Enable firewall" and click Next (I suppose you have 2 network
adapters in SBS 2003).
4. On the "Services Configuration" page, select all the items and then
click Next.
5. On the "Web Services Configuration" page, make sure "Allow access to the
entire Web site from the Internet" is selected. If you select "Allow access
to only the following Web site services from the Internet", make sure the
"Outlook Web Access" item is selected. Click Next.
6. On the "Web Server Certificate" page, choose to create a new Web server
certificate and then type the public FQDN that you will use to access OWA
(for example, if your public FQDN that you use to access the sites is
mail.customerdomain.com, you should type mail.customerdomain.com as the new
certificate name). If you already requested a certificate with the name
"mail.customerdomain.com" from a third party CA, you can choose "Use a Web
server certificate from a trusted authority" and then import the
certificate.
7. Go through the remaining steps. The wizard will automatically configure
the SBS 2003 Basic Firewall to securely publish the site.
8. If you have a router or hardware firewall, configure it to forward
inbound traffic on TCP port 7734 to the SBS server's external address.
9. Then check if you can access OWA using
https://mail.customerdomain.com/exchange.
Note: Please understand if we change the SSL port in the 'Default Web Site'
node, this operation will also affect other Virtual Directories (e.g.
exchange-oma, Remote, Microsoft-Server-ActiveSync, etc.)
I appreciate your time and cooperation. If anything is unclear, please feel
free to let me know. I am looking forward to hearing from you.
Best regards,
Nathan Liu (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
>Thread-Topic: Changing OWA SSL port
>thread-index: AcW0nHvhHfZz5orvTxOoGjkbBZALbA==
>X-WBNR-Posting-Host: 12.110.98.11
>From: "=?Utf-8?B?V2FsdA==?=" <Walt@xxxxxxxxxxxxxxxxxxxxxxxxx>
>Subject: Changing OWA SSL port
>Date: Thu, 8 Sep 2005 10:41:03 -0700
>Lines: 10
>Message-ID: <0AD004F1-E32B-4EDF-8000-5AA807D80C4E@xxxxxxxxxxxxx>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="Utf-8"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>Content-Class: urn:content-classes:message
>Importance: normal
>Priority: normal
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>Newsgroups: microsoft.public.windows.server.sbs
>NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
>Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
>Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:203319
>X-Tomcat-NG: microsoft.public.windows.server.sbs
>
>I need to change or add an SSL port for OWA on SBS2003. I have read a few
>post and articles on how to do it but none have worked. My ISP blocks
ports
>under 1024.
>
>So far I have added an additional SSL port to the default web site.
>I also created a new HTTP virtual site under exchange admin but SSL was
>grayed out for this method.
>
>I thought this would be straight forward. I am not using ISA. Any help is
>greatly appreciated.
>
.
- References:
- Changing OWA SSL port
- From: Walt
- Changing OWA SSL port
- Prev by Date: After Exchange 2003 Crash have only offline copy of mdbdata folder and contents
- Next by Date: Re: The serever is locked up few times a day
- Previous by thread: Changing OWA SSL port
- Next by thread: Defragment on SBS 2K3.
- Index(es):
Relevant Pages
|
