Re: Still can't connect to RWW or OWA remotely
- From: "Merv Porter [SBS-MVP]" <mwport@xxxxxxxxxxxxxxxxxxx>
- Date: Mon, 16 Oct 2006 14:31:51 -0400
Sorry to hear you're still having problems Leon. Hope MS can provide some
insight.
--
Merv Porter [SBS-MVP]
============================
"Leon Willard" <leonwill@xxxxxxxxxxx> wrote in message
news:Ou5UTiU8GHA.2248@xxxxxxxxxxxxxxxxxxxxxxx
Merv and Neadom, in case you are still watching this 'very old' post,
here's an update: We've had hard drive and RAID problems, so last Friday I
was finally able to get around to trying Merv's suggestions.
1. I disabled the firewall through CEICW, diconnected the cable and
uninstalled the external NIC.
2. As for removing the external NIC, I'm using the one built into the
Intel motherboard, but 'uninstalled' through the BIOS setup.
3. Under 'Show hidden devices', this is what shows up:
- Direct Parallel
- Intel Pro 100+ Server adapter
- WAN Miniport (IP)
- WAN Miniport (L2TP)
- WAN Miniport (PPPOE)
- WAN Miniport (PPTP)
No Phantom NICs as far as I can see.
At the command prompt,
set devmgr_show_nonpresent_devices=1 works, but
cd\%SystemRoot%\System32 gave an error saying it wasn't there.
With the external NIC uninstalled and disabled, and the local NIC
disabled, I still couldn't get into the advanced options of the local NIC
to check bindings. Same error saying the firewall couldn't be started, and
no other choices.
I really appreciate all the help that all you folks have given me, but I'm
at a point now of wanting to turn this problem over to Microsoft's tech
support - and pay that $245 incident fee. As we've seen, all other
settings look normal, and I set this thing up 'by the book' to avoid
problems. Except for remote access, the whole system and all of its
components work fine. A baffling problem.
Anyway, thanks again. And if Microsoft finds the solution, I'll post the
results.
Leon
"Neadom Tucker" <neadom@xxxxxxxxxxxxxxxxxx> wrote in message
news:1159917628.886385.265360@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Leon I agree with you. The issues your getting are actually telling you
that it can not find the server.
As I said in another post can you make this thing a DMZ? If so make it
a DMZ and try the access. If not do you have the ability to make it an
ethernet bridge? If so this will make you life 10 times eaiser. If you
do not know how then your ISP should be able to tell you how to do
this. You should be able to contact your ISP and have them help you
with this.
Here is my suggestion.
Networking Configuration
Configure your Router as an Eithernet Bridge.
Purchase a DLink or Linksys or Zyxel or whatever type of reliable
router with a firewall and port forwarding capabilities. I would
suggest a Zyxel UTM 5 as this provides what your looking for. Not sure
what your provider is but if it is DSL then you will need to enable
PPoE and have it login to the modem with the correct username and
password. This will then allow all traffic to get passed through to
the router. The router should now have the External IP Address.
Once this is completed you can use NAT to give your server its Internal
IP Address. You will no longer need an external IP address on the
server.
Possible Network Configuration
Router LAN Configuration
IP: 10.11.12.1
Subnet: 255.255.255.0
DNS: Provided by your ISP
Server Configuration
IP: 10.11.12.100
Subnet: 255.255.255.0
Gateway: 10.11.12.1
DNS: 10.11.12.1 or Public DNS or Servers IP Address
Note: If your using the server as the DNS for the clients then make
sure that you enable DNS Forwarders to your ISPs addresses.
Once you have this then configure the Routers Firewall and Port
Forwarding to pass the required ports to the server: 10.11.12.100
Ports 3389 for Terminal Services to your Server
Ports 110 and 25 for Email
Port 4125 for RWW
Port 80 for WWW and OWA
Port 443 for SSL
Once this is completed you should have access to your system through
Terminal Services and your RWW and OWA should work fine. You may need
to reissue your certificate. I do not think so though because it is
all DNS based.
Thanks Neadom
Leon Willard wrote:
Hey, I used to wonder how these very long threads came into being -- now
I
know. OK, here's the results (rather depressing) of checking and redoing
all
the settings you folks suggested.
First, I expanded everything under IIS, checked all settings, and
nothing
was being blocked. Just to be sure, I stopped all the services and
restarted
them. Everything still looked the same with nothing being blocked. I
completely reran CIECW, first disabling settings, then selecting
broadband
with local router, e-mail (no VPN), firewall, then selecting OWA, RWW,
and
SharePoint services. I rebuilt the certificate using the public IP
provided
by DSL ISP. At the end I went back and checked the IIS settings and
printed
out the Summary of Settings for CEICW, reviewed the summary and didn't
see
anything that looked wrong.
What I can't do or haven't done yet:
- can't Remote Desktop into the server.
- can't connect to RWW or OWA from either a remote connection or by
using
laptop plugged into port on DSL router.
- can't access Advanced tab to check bindings on NICs (although Summary
of
Settings looks right).
- haven't made server DMZ through router (this Efficient 5861 is not
'user
friendly', so don't know how).
After all this checking and reconfiguring, I still wonder if that DSL
router
isn't blocking something. I opened the ports using their command line
interface but had on way of verifiying them as open. Still, Internet
service, e-mail, and RWW is available to all users on the network. But
nothing is available from a remote connection.
Leon
"Merv Porter [SBS-MVP]" <mwport@xxxxxxxxxxxxxxxxxxx> wrote in message
news:eDmiK$J5GHA.1256@xxxxxxxxxxxxxxxxxxxxxxx
Hi Leon,
I saw a post recently that was similar to your situtation with the
"(IPNAT.sys)" error. That poster solved his problem with RWW by
enabling
the Windows Firewall service and starting it. I'm not sure why this
worked (the Windows Firewall service should be disabled in SBS 2003
SP1)
but you might give it a try just to see if it works and allows to to
externally access RWW. (Then maybe we can find out why it worked).
--
Merv Porter [SBS-MVP]
============================
"Leon Willard" <leonwill@xxxxxxxxxxx> wrote in message
news:%23jRITLD5GHA.400@xxxxxxxxxxxxxxxxxxxxxxx
Neadom - here's our installation:
The server is a SBS2003 SP1 Standard box without ISA, using the two
NIC
configuration. Broadband is an Efficient 5800 Series DSL modem-router
with a 4-Port switch set up with a static IP from our (AT&T) ISP. The
NIC
#1 (external WAN) has a fixed IP address192.168.254.10, and connects
to
the DSL router 4-port switch.
DHCP is handled by the server, and the #2 NIC (internal LAN) uses
fixed
IP 192.168.16.2. This NIC connects to the LAN 24-port switch along
with
all workstations. -- The laptop was plugged into the Efficient 4-port
switch.
This installation worked as expected once it was set up -- that is,
all
workstations have Internet access, Exchange server handles the email,
and
all users are able to connect printers, files, and other resources.We
could access features like RWW and OWA internally, but not remotely.
As
you can see, Merv has been a big help on diagnosing some of these
problems step by step.
Here's where we are right now. If I try to check the bindings on
either
of the two NICs by clicking the Advanced tabs, it won't open that
box,
and instead pops up this message: "Windows Firewall cannot run
because
another program or service is running that might use the network
address
translation component (Ipnat.sys)".
This turns out to be a bogus message. Windows Firewall is disabled.
So
something else seems to be seriously wrong. Your comment, "To me it
sounds like a routing issue. Because your request to the server is
not
being answered", is probably correct. But what is causing it? And
what's
causing these network cards to be so goofy?
Leon
<neadom@xxxxxxxxxxxxxxxxxx> wrote in message
news:1159565036.401754.157850@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Leon can you give us your network topology?
For Example
Internet>Modem>Router>Switch>SBS Server
Or
Internet>Modem>Router>Switch>SBS Server Internal Nic
Internet>Modem>Router>SBS Server External Nic
What sort of provider do you have coming in? DSL/Cable or T1?
Is the Modem also your Router? If not what type of Router? If your
using DSL is the Modem acting as a bridge or is it doing the PPOE
Auth?
Where is the mix are you connecting your laptop? From inside the
network or outside the network.
To me it sounds like a routing issue. Because your request to the
server is not being answered.
Thanks
Neadom Tucker
Kotori Technologies, LLC
Leon Willard wrote:
Whoa! -- The ipconfig /all stuff I cut and pasted into my response
looks
ugly now, and with too much space in between lines. It was
formatted
using
courier, and looked OK before I hit the Send button.
Is there a better way to do it?
- Leon
"Merv Porter [SBS-MVP]" <mwport@xxxxxxxxxxxxxxxxxxx> wrote in
message
news:uxNfmoc3GHA.3492@xxxxxxxxxxxxxxxxxxxxxxx
Hi Leon,
Could you please post an ipconfig /all for the SBS server and
for
a
workstation?
When you ran CEICW, did you select "a direct broadband
connection",
enable
the firewall, select the services, select the Web Services, enter
your
Public IP address for the web server certificate, then finish the
rest of
CEICW?
Also, try taking the router out of the equation...
Attach a laptop that's configured for a workgroup (not a domain)
to a
free
port on the router. Give it a static IP address of
192.169.254.x, a
Subnet Mask of 255.255.255.0, and a Default Gateway of
192.169.254.10
(the
LAN IP address of the router). Then try to RWW into the SBS
server.
If
you're successful, the router configuration is the problem. If
not,
you're SBS server config (or the external NIC) is having a
problem.
--
Merv Porter [SBS-MWP]
============================
"Leon Willard" <leonwill@xxxxxxxxxxx> wrote in message
news:Os4g8zb3GHA.5092@xxxxxxxxxxxxxxxxxxxxxxx
To update my problem from what is stated below: I followed the
advice I
received from serveral people on this newsgroup, and opened
ports
443,
444, 4125, 1723 and 3389 in our Efficient 5861 DSL router, and
AT&T
verified port 25 was open.
But I still couldn't connect remotely using
https://publicIP/remote.
So I
called Efficient tech support to have them verify that the ports
I
specified were actually opened. Their tech told me he couldn't
telnet
into our router through our public IP to check. And he couldn't
ping
that
IP either. He asked what method I used to forward the ports
using
telnet
(it's <system addserver [private IP for server] tcp port number>
which I
took from their app note), and he said I was doing it correctly.
After
that I reran CEICW to verify all Web services were checked.
But I still could not connect remotely. So it would seem that
I've
got
something cofigured wrong, or something not yet configured.
Also,
Adaptec
wanted to connect to our SBS to update some drivers, but were
not
able to
connect. They asked me to connect to their site remotely from
our
server,
and I wasn't able to do so. However, I was able to connect to
their
site
from a workstation on our network. So it seems our SBS is still
the
source of the connection problems. And once again, I'll
appreciate
your
help on this. Thanks.
Leon
I recently completed an installation of SBS2003 Standard without
ISA
using
the two NIC configuration. At the front of the external 'WAN'
NIC is
a
DSL
router set up with a static IP from our ISP. This external NIC
IP
address
is
192.169.254.10 Our ISP (SBC) also provides us five additional
static
IP
addresses which we don't use. The internal (LAN) NIC is using IP
192.168.16.2. We also have a website hosted by SBC, but we don't
use
it's
registered name or IP address for our SBS2003 network
configuration.
(except
as mentioned below for a certificate).
From inside the network, all users can access RWW and Exchange
just
fine.
And the rest of the network and email works fine for all users
also.
Our
problem is that we cannot connect to RWW or OWA from the
Internet.
When I
try to connect using https://certificate/remote I always get the
"Cannot
find server or DNS Error" message.
I have run CEICW a bunch of times and haven't gotten any errors.
I
have
assumed that the problem is the certificate I am generating. I
have
tried
using server.registered website name, but it doesn't work. I
have
also
used
the DSL public side IP address/remote, and that doesn't work
either.
It's
pretty clear that I don't know how to fix this problem, and any
help
will
be
greately appreciated. Thanks.
.
- References:
- Re: Still can't connect to RWW or OWA remotely
- From: neadom@xxxxxxxxxxxxxxxxxx
- Re: Still can't connect to RWW or OWA remotely
- From: Leon Willard
- Re: Still can't connect to RWW or OWA remotely
- From: Merv Porter [SBS-MVP]
- Re: Still can't connect to RWW or OWA remotely
- From: Leon Willard
- Re: Still can't connect to RWW or OWA remotely
- From: Neadom Tucker
- Re: Still can't connect to RWW or OWA remotely
- From: Leon Willard
- Re: Still can't connect to RWW or OWA remotely
- Prev by Date: Re: Cannot Access FTP or Company Website (Externally Hosted) - HELP!!!
- Next by Date: Re: Gigabyte GA-M55plus-S3G, RAID and SBS2003
- Previous by thread: Re: Still can't connect to RWW or OWA remotely
- Next by thread: Allowing Remote Clients to Access Network Shares
- Index(es):
Relevant Pages
|
