RWW Works on LAN - NOT on WAN!
- From: "Glum Sp" <glumsp@xxxxxxxxxxx>
- Date: Sat, 8 Apr 2006 20:37:13 -0400
Hi folks!
I am running SBS 2003 Standard on a single NIC on a Dell server (192.168.1.2
fixed LAN IP; DHCP Server enabled), connected to a Dell Truemobile 2300
switch/router (192.168.1.1 fixed LAN IP, DHCP Server disabled, STATIC WAN
IP; supports UPnP), in turn connected to a Westell DSL modem/router (set to
bridge mode).
Exchange Server is set up to use my ISP (BS)'s SMTP server and the SBS POP
Connector is set up to handle inbound email.
Our web site is NOT hosted on the sBS box but rather by a 3rd party web
hosting company.
I moved Exchange Server's Exchsrvr folder (containing the mdbdata folder)
and the User Shared Folders from the Server's C to D drive, following the
directions given in this Microsoft document:
http://www.microsoft.com/technet/prodtechnol/sbs/2003/maintain/movedata.mspx
NB: I did NOT move ALL of the folders discussed in this paper eg.,
ClientApps folder has NOT been moved, only the two stated in previous
sentence. Is this a problem/do I need to go back and move the other folders
listed in the article?
IPCONFIG /ALL stats for both the SERVER and a network CLIENT (Dell box
running Win XP Pro and hard-wired to Dell switch/router) are appended below,
FYI.
(As an aside, the Dell server IS equipped with TWO NICs only one of which is
currently in use, though I have read that using both - one as WAN connection
to router and out to the net and the other as LAN connection to a switch -
would offer greater security and better performance. True? And if so,
WHY/this is counterintuitive to me ie., I thought that placing the server
behind the switch/router offers greater security (though it makes it more
difficult to configure RWW, etc) and better performance, as the router
handles switching and NAT translation. Any good resources on web you could
point me to, to dig into this a bit deeper?)
Client PC is running Sunbelt Kerio Firewall with Win Firewall Off; and
Server is NOT running a Firewall, yet (understand that win Firewall does not
function in Single-NIC config; any recommendations for good SBS firewall,
hopefully free; and how do I configure it to permit me to continue to
access/manage Serverfrom Client using Remote Desktop on Client?
My Documents folder redirection to the Server is set up on client PC, along
with Offline File Folders.
ICW has been run (sev times) - see full log from the most recent run,
appended below - and I believe that the correct services have been set up;
and the Self-Signed Web Server Certificate has been set up using the Static
WAN IP address.
I can then access RWW from within the LAN, by entering
https://server.domainname.local/remote, and the Server Cerficate notice
(Website Certified by an Unknown Authority) dialog box pops up and I'm able
to click thru and use RWW.
Then, when I try to run the Configure Remote Access Wizard, it HANGS quite
near the end and eventually terminates with an error. The log file is
appended below.
And when I try to access RWW from the web browser of an 'outside'
LAN-connected PC, the operation times out. I can't even PING our static IP
from the WAN.
So, I would appreciate any thoughts on where I should go from here/what I
should try next.
Googling the Configure Remote Access Wizard log file hang error lines:
*** Running IExpress to build the package returned ERROR 80004005
*** ERROR: Cannot delete temp directory CMP3.tmp
Specifying error location (in CMAK) returned OK
*** CRRASCommit::CommitCMAK returned ERROR 80004005
*** CRRASCommit::CommitEx returned ERROR 80004005
I have seen one post which suggests that SBS SP1 may not have been applied
properly. When I go Control Panel|System I see, under System, on the
Properties page:
Microsoft Windows Server for SBS Service Pack 1
but cannot see SP1 listed in the following key in the Server's Registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SmallBusinessServer
And looking at the Application Event Viewer, an error with Event ID: 8331
keeps occuring (Event Detail appended below) and googling this suggests
installation of SP1 was supposed to fix this error.
Does it look then as if SP1 was not fully installed? If yes, are the
instructions given here the correct ones to apply the patch:
http://download.microsoft.com/download/e/0/f/e0fee8ce-768d-41c0-8871-9bc48e0b3fc3/ToDownLoadFilesandReadInstructions.htm
And what happens if any of the 5 patches listed there have already been
installed? Will reinstalling them cause any probs?
TIA!
/gl
SERVER IP Config stats:
~~~~~~~~~~~~~~~~~~~~~~
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator>config /all
'config' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : SERVER
Primary Dns Suffix . . . . . . . : xxx.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : xxx.local
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server
Connection
Physical Address. . . . . . . . . : 00-11-43-1D-F3-D6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.2
Primary WINS Server . . . . . . . : 192.168.1.2
CLIENT IP config stats:
~~~~~~~~~~~~~~~~~~~~~~
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\DVaughan.a-1techsupporti>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : DavidDT
Primary Dns Suffix . . . . . . . : xxx.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : xxx.local
xxx.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : xxx.local
Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit
Controller
Physical Address. . . . . . . . . : 00-13-20-02-D5-3A
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.11
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.2
DNS Servers . . . . . . . . . . . : 192.168.1.2
Primary WINS Server . . . . . . . : 192.168.1.2
Lease Obtained. . . . . . . . . . : Saturday, April 08, 2006
12:53:22 AM
Lease Expires . . . . . . . . . . : Sunday, April 16, 2006 12:53:22
AM
ICWLog.txt
~~~~~~~~~~
12/6/2005 4:29 PM
C:\Program Files\Microsoft Windows Small Business
Server\Networking\ICW\wizemail.dll, version 5.2.2651.0
calling CEmailCommit::ValidatePropertyBag ().
calling pdispPPPBag->QueryInterface (IPropertyPagePropertyBag, 0x7f558).
Call to pdispPPPBag->QueryInterface () returned ok.
calling ReadInt4 (0x119c900, DB5E5E45-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is -1.
calling CValidatePropertyUtil.ValidatePropertyInteger ().
Call to CValidatePropertyUtil.ValidatePropertyInteger () returned ok.
Call to CEMailCommit::ValidatePropertyBag () returned ok.
calling CNetCommit::Commit (18467072).
calling CNetCommit::ValidatePropertyBag ().
Call to Querying for the property bag () returned ok.
Property bag is not dirty, skipping validation
calling CNetCommit::Common ().
Call to CNetCommit::Common () returned ok.
Call to CNetCommit::Commit () returned ok.
calling CRFireCommit::CommitEx (0x119c900).
calling CRFireCommit::ValidatePropertyBag (0x119c900).
Call to This is a Router Single Nic configuration only Web Publishing will
be configured, Basic Firewall will not be configured. () returned ok.
Call to Reading web publishing selection () returned ok.
Call to Reading OWA publishing selection () returned ok.
Call to Reading RUP publishing selection () returned ok.
Call to Reading Monitoring publishing selection () returned ok.
Call to Reading OMA publishing selection () returned ok.
Call to Reading RPC publishing selection () returned ok.
Call to Reading Companyweb publishing selection () returned ok.
Call to Reading ROOT publishing selection () returned ok.
Web publishing selections:
OWA publishing: 1
RUP publishing: 1
Monitoring publishing: 1
OMA publishing: 1
RPC publishing: 1
Companyweb publishing: 1
ROOT publishing: 0
Call to CRFireCommit::ValidatePropertyBag () returned ok.
Call to GetPrivateNICGuid () returned ok.
Call to GetIPAddress for private nic () returned ok.
Call to GetSubnetMask for private nic () returned ok.
RUP is published
Call to Fixing the inheritance for root dir () returned ok.
Call to Unpublishing the default web site () returned ok.
Call to Fixing the inheritance for companyweb dir () returned ok.
Call to Unpublishing companyweb () returned ok.
Call to Publishing /Exchange () returned ok.
Call to Publishing /ExchWeb () returned ok.
Call to Publishing /Public () returned ok.
Call to Publishing /ExAdmin () returned ok.
Call to Publishing RUP () returned ok.
Call to Publishing client help for RUP () returned ok.
Call to Publishing Monitoring () returned ok.
Call to Publishing OMA () returned ok.
Call to Publishing ActiveSync () returned ok.
Call to Publishing RPC () returned ok.
Call to Configuring RPC over HTTP () returned ok.
Call to Publishing Companyweb () returned ok.
Call to Publishing Companyweb _layouts () returned ok.
Call to Publishing Companyweb _vti_bin () returned ok.
Call to Publishing Companyweb _wpresources () returned ok.
Call to Notify RUP for OWA () returned ok.
Call to Notify RUP for Monitoring () returned ok.
Call to Notify RUP for RPC () returned ok.
Call to Notify RUP for Companyweb () returned ok.
Call to Restricting exhchangeoma to local server only () returned ok.
Call to Restricting ConnectComputer to local network only () returned ok.
Call to GetInternetServerName () returned ok.
Call to GetNetbiosDomainName () returned ok.
Call to NotifyProvisioning () returned ok.
Call to Limiting number of connections () returned ok.
Call to Sending RUP intro mail () returned ok.
Call to Saving web publishing selection () returned ok.
calling Set Web Publishing Rules (0x0).
Call to GetPrivateNICGuid () returned ok.
Call to WMIGetIPAddress () returned ok.
Call to IISConfig Set () returned ok.
Call to Setting default logon domain for OMA () returned ok.
Call to Setting Anonymous Access () returned ok.
Call to CRFireCommit::Commit () returned ok.
Calling CCertCommit::CommitEx
Calling CCertCommit::ValidatePropertyBag
Require SSL for OWA: 1
Require SSL for Remote Portal: 1
Require SSL for Monitoring: 0
Require SSL for OMA: 0
Require SSL for CompanyWeb: 0
Require 128 Bit Encryption: 1
Cert selection: 1
Web server name: 00.11.22.33.444 [ie., fixed WAN IP]
CCertCommit::ValidatePropertyBag returned OK
Updating Client Setup config.dat file returned OK
CCertCommit::EnableSSL returned OK
CCertCommit::RequireSSL returned OK
CCertCommit::NotifyRemoteUserPortal returned OK
Reading the Internet Server Name returned OK
Forcing an update on the provisioning ref count
Updating provisioning info returned OK
Sending RUP intro mail returned OK
CCertCommit::SaveUserSelections returned OK
CCertCommit::CommitEx returned OK
calling CEmailCommit::Commit (0x11be5f0).
calling CEmailCommit::ValidatePropertyBag ().
calling pdispPPPBag->QueryInterface (IPropertyPagePropertyBag, 0x7f4d4).
Call to pdispPPPBag->QueryInterface () returned ok.
calling ReadInt4 (0x119c900, DB5E5E45-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is -1.
calling CValidatePropertyUtil.ValidatePropertyInteger ().
Call to CValidatePropertyUtil.ValidatePropertyInteger () returned ok.
Call to CEMailCommit::ValidatePropertyBag () returned ok.
calling pdispPPPBag->QueryInterface (IPropertyPagePropertyBag, 0x7f544).
Call to pdispPPPBag->QueryInterface () returned ok.
calling ReadInt4 (0x119c900, DB5E5E45-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is -1.
calling GetDomainAndControllerNames ().
Call to GetDomainAndControllerNames () returned ok.
calling GetOrganizationName (\\SERVER.xxx.local, DC=xxx,DC=local).
Call to GetOrganizationName () returned ok.
calling GetFirstAdministrativeGroup (\\SERVER.xxx.local, DC=xxx,DC=local,
First Organization).
Call to GetFirstAdministrativeGroup () returned ok.
calling GetFirstRoutingGroup (\\SERVER.xxx.local, DC=xxx,DC=local, First
Organization, first administrative group).
Call to GetFirstRoutingGroup () returned ok.
Call to SetCookieAuthentication () returned ok.
Call to Enabling Wireless admin for OMA () returned ok.
Call to Getting NETBIOS domain name () returned ok.
NETBIOS domain name: xxx [notice this is
shorter than in my DN in other places]
Call to Enabling NTLM on /public () returned ok.
calling CommitPOP3 (0x119c900).
Call to CommitPOP3 () returned ok.
calling _SetRegInt4Value (HKEY_LOCAL_MACHINE,
SOFTWARE\Microsoft\SmallBusinessServer\Connectivity\ICW,
Last_MailOption_Exchange, -1).
Ignoring return value from call to _SetRegInt4Value().
Call to CEMailCommit::Commit () returned ok.
calling CNetCommit::SaveConfig ().
calling CEmailCommit::ValidatePropertyBag ().
calling pdispPPPBag->QueryInterface (IPropertyPagePropertyBag, 0x7f52c).
Call to pdispPPPBag->QueryInterface () returned ok.
calling ReadInt4 (0x119c900, DB5E5E45-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is -1.
calling CValidatePropertyUtil.ValidatePropertyInteger ().
Call to CValidatePropertyUtil.ValidatePropertyInteger () returned ok.
Call to CEMailCommit::ValidatePropertyBag () returned ok.
calling CScriptUtil::RenameFile (config3.vbs).
Call to CScriptUtil::RenameFile () returned ok.
calling CScriptUtil::OpenFileToRead (temp.icw).
Call to CScriptUtil::OpenFileToRead () returned ok.
The out param of CScriptUtil::OpenFileToRead() is 0x77bf1d08.
calling CScriptUtil::CreateFile (config3.vbs).
Call to CScriptUtil::CreateFile () returned ok.
The out param of CScriptUtil::CreateFile() is 0x77bf1d48.
calling CopyUntilSection (0x77bf1d08, 0x77bf1d48).
Call to CScriptUtil::CopyUntilSection () returned ok.
calling WriteEmailSection (0x77bf1d48).
Call to WriteEmailSection () returned ok.
calling CScriptUtil::CopyUntilSection (0x77bf1d08, 0x77bf1d48).
Call to CScriptUtil::CopyUntilSection () returned ok.
calling WriteSetPropertySection (0x77bf1d48).
Call to WriteSetPropertySection () returned ok.
calling CScriptUtil::CopyUntilSection (0x77bf1d08, 0x77bf1d48).
Call to CEMailCommit::SaveConfig () returned ok.
Calling CCertCommit::SaveConfig
Calling CCertCommit::ValidatePropertyBag
Require SSL for OWA: 1
Require SSL for Remote Portal: 1
Require SSL for Monitoring: 0
Require SSL for OMA: 0
Require SSL for CompanyWeb: 0
Require 128 Bit Encryption: 1
Cert selection: 1
Web server name: 00.11.22.33.444
CCertCommit::ValidatePropertyBag returned OK
CCertCommit::SaveConfig returned OK
calling CRFireCommit::SaveConfig ().
calling CRFireCommit::ValidatePropertyBag (0x119c900).
Call to This is a Router Single Nic configuration only Web Publishing will
be configured, Basic Firewall will not be configured. () returned ok.
Call to Reading web publishing selection () returned ok.
Call to Reading OWA publishing selection () returned ok.
Call to Reading RUP publishing selection () returned ok.
Call to Reading Monitoring publishing selection () returned ok.
Call to Reading OMA publishing selection () returned ok.
Call to Reading RPC publishing selection () returned ok.
Call to Reading Companyweb publishing selection () returned ok.
Call to Reading ROOT publishing selection () returned ok.
Web publishing selections:
OWA publishing: 1
RUP publishing: 1
Monitoring publishing: 1
OMA publishing: 1
RPC publishing: 1
Companyweb publishing: 1
ROOT publishing: 0
Call to CRFireCommit::ValidatePropertyBag () returned ok.
Call to CRFireCommit::SaveConfig () returned ok.
calling CNetCommit::SaveConfig ().
calling CNetCommit::ValidatePropertyBag ().
Call to Querying for the property bag () returned ok.
Property bag is not dirty, skipping validation
calling oScriptUtil.RenameFile ().
Call to oScriptUtil.RenameFile () returned ok.
calling oScriptUtil.OpenFileToRead ().
Call to oScriptUtil.OpenFileToRead () returned ok.
calling oScriptUtil.CreateFile ().
Call to oScriptUtil.CreateFile () returned ok.
calling oScriptUtil.CopyUntilSection ().
Call to oScriptUtil.CopyUntilSection () returned ok.
calling WriteNetworkSection ().
Call to WriteNetworkSection () returned ok.
calling oScriptUtil.CopyUntilSection ().
Call to oScriptUtil.CopyUntilSection () returned ok.
calling WriteSetPropertySection ().
Call to WriteSetPropertySection () returned ok.
Call to CNetCommit::SaveConfig () returned ok.
calling GetBOConnector ().
Call to GetBOConnector () returned ok.
calling spADs->PutEx (ADS_PROPERTY_CLEAR,
msExchSmtpOutboundSecurityPassword).
Call to spADs->PutEx () returned ok.
calling spADs->SetInfo ().
Call to spADs->SetInfo () returned ok.
RRASlog.txt File
~~~~~~~~~~~~~~~~
4/8/2006 3:49 PM
C:\Program Files\Microsoft Windows Small Business
Server\Networking\RRASWiz\wizrras.dll, version 5.2.2651.0
Calling CRRASCommit::CommitEx
Calling CRRASCommit::ValidatePropertyBag
pdispPPPBag->QueryInterface returned OK
PropertyBag 37298
Reading property value for enabling Remote Access returned OK
bRemoteAccess = 1
Reading property value for VPN returned OK
bVPN = 1
Reading property value for RAS returned OK
bRAS = 0
Calling CRRASCommit::ValidateVPNProperties
Reading VPN Server Name returned OK
VPN Server Name is 00.11.22.33.444 [ie., fixed WAN IP]
Calling CRRASCommit::ValidateDHCPProperties
DHCP server is installed on the box
CRRASCommit::ValidateDHCPProperties returned OK
CRRASCommit::ValidateVPNProperties returned OK
CRRASCommit::ValidatePropertyBag returned OK
pdispPPPBag->QueryInterface returned OK
Pointer to the property bag 37298
Calling CRRASCommit::CommitRRAS
Arguments:
PropertyBag 37298
bRAS 0
bVPN 1
Getting the GUID of the private NIC returned OK
Private NIC Guid is {B6D91E4F-BBD4-49D9-A42B-5F6796C1B007}
Checking whether RRAS is already running returned OK
RRAS already running
Stopping RRAS returned OK
Installing RRAS returned OK
Dhcp server is installed and running on this box
Enabling DHCP client addressing returned OK
Configuring ports returned OK
Identifying the private NIC for RAS returned OK
Setting the default authentication methods returned OK
Disabling NETBIOS for RAS returned OK
Changing RRAS startup type to automatic returned OK
Configuring Remote Access Policy returned OK
Starting RRAS service returned OK
Saving RRAS method returned OK
Method is 2
Where 1 = RAS, 2 = VPN 3 = both
Saving Dhcp Server IP returned OK
CRRASCommit::CommitRRAS returned OK
Calling CRRASCommit::CommitCMAK
Arguments:
PropertyBag 37298
bRAS 0
bVPN 1
Template file name is sbsvpn
Reading VPN Server name returned OK
Reading VPN Server name is 00.11.22.33.444 [ie., fixed WAN IP]
Created temp directory CMP3.tmp
Copying required template files to the temp directory returned OK
Updating CMP template returned OK
Updating CMS template returned OK
Updating SED template returned OK
Creating proxy configuration file returned OK
*** Running IExpress to build the package returned ERROR 80004005
*** ERROR: Cannot delete temp directory CMP3.tmp
Specifying error location (in CMAK) returned OK
*** CRRASCommit::CommitCMAK returned ERROR 80004005
*** CRRASCommit::CommitEx returned ERROR 80004005
Event Log Error
~~~~~~~~~~~~~~~
Event Type: Error
Event Source: MSExchangeAL
Event Category: Address List Synchronization
Event ID: 8331
Date: 4/8/2006
Time: 7:41:56 PM
User: N/A
Computer: SERVER
Description:
The service threw an unexpected exception which was caught at
f:\titanium\dsa\src\lra\abv_dg\lservagent.cpp(4511)
For more information, click http://www.microsoft.com/contentredirect.asp.
-EOF-
.
- Follow-Ups:
- Re: RWW Works on LAN - NOT on WAN!
- From: Frank McCallister SBS MVP
- Re: RWW Works on LAN - NOT on WAN!
- Prev by Date: Re: Server/Network setup question
- Next by Date: Re: Server/Network setup question
- Previous by thread: Re: DNS Configuration Question.
- Next by thread: Re: RWW Works on LAN - NOT on WAN!
- Index(es):
Relevant Pages
|
|
