Re: RWW works with IP but not FQDN
- From: "David Copeland [MSFT]" <davidcop@xxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 4 Nov 2005 21:43:03 -0600
Steve,
To see if something already has TCP port 4125 open on the SBS server you can
do the following:
netstat -aon | find ":4125"
then
tasklist /svc | find "pidno"
where pidno is the process id number on the far right of the output from the
netstat command.
Would expect that unless someone is already connected to a client machine
via RWW that the netstat command wouldn't return any connections or anything
listening.
When you are using RWW to connect to client/server machines on the internal
network TCP Port 3389 does not need to be accessible to the SBS server.
Externally the connection is made using TCP port 4125 and then it is
basically proxied back to the internal machine using TCP port 3389.
You would only need TCP port 3389 open/passed to the server from the
Internet if you wanted/needed to make an RDP connection directly to the
server without using RWW.
When you run the CEICW then if you are selecting to allow Remote Web
Workplace then it should create everything needed in ISA to allow that
connectivity from the Internet.
The client machine you are trying to connect from remotely is it behind a
firewall/ISA server? and maybe it's blocking the outbound TCP port 4125?
One way to test would be if you can setup something temporarily that would
listen on the SBS server on TCP port 4125 and then try and connect to it
remotely using simply telnet x.x.x.x 4125 (where x.x.x.x is the Internet IP
address needed to reach the SBS server's external IP). Another option would
be to use Network Monitor and get a network trace from the external
interface while trying to telnet to the server on port 4125 from a remote
client to see if you at least see a TCP Sync request on port 4125.
--
Hope that helps,
David Copeland
Microsoft Small Business Server Support
This posting is provided "AS IS" with no warranties, and confers no rights.
SBS Newsgroups:
SBS v4.x: microsoft.public.backoffice.smallbiz
SBS 2000: microsoft.public.backoffice.smallbiz2000
SBS 2003: microsoft.public.windows.server.sbs
"Steve F" <SteveF@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:E814C472-E839-4A9B-9EDF-85C9A6CC019B@xxxxxxxxxxxxxxxx
> David,
>
> Thanks for your help. It was a DNS issue with the A record that they had
> pointing who knows where.
>
> On the RWW issue, if I go to http://servername/remote at the server and
> log
> in I can access both the server and client desktops (XPSP2), so it does
> work
> fine inside the network. I have 443, 444, 4125, and 3389 open on the
> router,
> so I am kind of thinking it might be an ISA2000 issue (SBS SP1 is not
> installed). KB886209 refers to another process listening on 4125, but I
> assume since it works on the internal network, that isn't the issue.
>
> In another response GG states" "Did you declare FQDN on rule of RWW ?
> I think CIEW does not tdo that.", which I think it a refernce to ISA and
> the
> need to set up packet filters for RWW. KB828053 sounds promising, but
> because
> I'm trying to connect from a client not running windows firewall that is
> outside the network none of the three scenarios is quite correct, though 3
> comes close. A couple of other references point to opening a packet filter
> for 3389 in ISA.
>
> Does that packet filter make sense? If so are there any step by step
> guides
> for creating that filter? I just orded an ISA book, but am more clueless
> than
> normal at the moment.
>
> Thanks for any insights.
> --
> Steve F
>
>
> "David Copeland [MSFT]" wrote:
>
>> Steve,
>>
>> If you use http://servername/remote from the server itself can you
>> connect
>> to the internal clients/servers then? Since it sounds like you are able
>> to
>> logon to Remote Web Workplace and then click on the link to see the list
>> of
>> client machines correct?
>>
>> Are the client machines XP Pro? Where they joined to the domain using
>> http://servername/connectcomputer or manually? If manually, do they have
>> Remote Desktop enabled on them? Does the user have access?
>>
>> If you are unable to connect using the fully qualified domain name you
>> may
>> want to verify that you are able to resolve the name to the IP address by
>> trying to ping the fully qualified domain name of your server to see if
>> it
>> at least resolves to the IP address.
>>
>>
>> --
>>
>> Hope that helps,
>> David Copeland
>> Microsoft Small Business Server Support
>>
>> This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>>
>>
>> SBS Newsgroups:
>>
>> SBS v4.x: microsoft.public.backoffice.smallbiz
>> SBS 2000: microsoft.public.backoffice.smallbiz2000
>> SBS 2003: microsoft.public.windows.server.sbs
>>
>> "Steve F" <SteveF@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:B0DD50C7-8368-4E74-979D-06F80F70509B@xxxxxxxxxxxxxxxx
>> >I just inherited a SBS2003 server. Exhange SP1, but no SBS SP1. RWW can
>> >be
>> > accessed using the exteral IP address https:// ##.###.##.###/remote.
>> > Outlook
>> > Web Access works great, but neither Remote Server Access or Remote
>> > Desktop
>> > access works. I can see the list of remote servers, but it fails with
>> > the
>> > message: "The client coudl not connect to the remote computer. Remote
>> > connections might not be enabled or the computer might be too busy...."
>> >
>> > I thought that might just be a firewall problem in the CICEW so I reran
>> > that, and everything is set to accessible except web root and FTP. I
>> > also
>> > changed the certificate to the FQDN servername.domain.com.
>> >
>> > However, after that change, RWW doesn't work using the FQDN. The RWW
>> > page
>> > never loads. So I reran the CICEW changing the certificate back to the
>> > IP
>> > address. Outlook Web Access works again, but neither Remote Desktops or
>> > Servers are accessible.
>> >
>> > On a related note, VPN access connects, but cannot browse the network.
>> >
>> > Ports 443, 443, 3389, 4125 (and 4125) are all open on the router.
>> >
>> > I'm guessing that somehow ISA2000 isn't getting updated by the CICEW,
>> > but
>> > I
>> > haven't had a chance to look. I'd like to get this resolved before
>> > rolling
>> > SP1, so any suggestions are appreciated.
>> >
>> > Thanks!
>> >
>> >
>> > --
>> > Steve
>>
>>
>>
.
- References:
- Re: RWW works with IP but not FQDN
- From: Steve F
- Re: RWW works with IP but not FQDN
- Prev by Date: Re: SBS 2003 Standard Sp1 Install
- Next by Date: Re: /3GB Switch for SBS 2003
- Previous by thread: Re: RWW works with IP but not FQDN
- Next by thread: Re: Event ID 2000-Source Srv
- Index(es):
Relevant Pages
|
