RE: RWW and New Firewall Problem

Hi Mike,

Thanks for posting in our newsgroup.

I am sorry for the delay due to the weekend.

From your description, I know that you cannot connect the computer in RWW
after the replacement of the firewall. If I am off-base, please don't
hesitate to let me know.

Please do the following steps to narrow down this issue:

Step 1: Please rerun the CEICW wizard. After the replacement of the
firewall, the network configuration was also changed. If your firewall is
UPnP-compatible, the CEICW wizard will configure the device automatically.

For more information, please refer to :
825763 How to configure Internet access in Windows Small Business Server
2003
http://support.microsoft.com/?id=825763

Step 2: Please check the firewall, have you forwarded port 4125 and 3389 to
the external NIC of the SBS?

Technically speaking, in order to allow a remote desktop connection to a
client computer through Remote Web Workplace, a component calledTS Proxy is
used to forward TS requests through a firewall on TCP port 4125, in essence
keeping the connection alive. Once the connection is established on port
4125, the traffic is then redirected to another dynamically allocated port.
All subsequence traffic will flow through the new port at the server to the
client at port 3389.

Since the problem occurred after you replace the firewall, the problem may
be related to the hardware firewall, please also contact hardware
manufacture for help. Thanks for understanding.

Step 3: Please check in RRAS if the port 4125 and 3389 is allowed in.
1. Open the RRAS management console and then expand '' <Server name>, ''
IP Routing '' , "NAT/Basic Firewall '' .
2. Right click ''Network Connection'' to choose Properties, switch to the
''Services and Ports'' tab, select the ''Remote Web Workplace'' item and
make sure "4125" listed in ''Incoming port''. Select Remote Desktop and
make sure port 3389 is allowed in.

If the problem still persists, would you please help me collect the
following information?

1. From the client computer, if you connect to RWW via https://FQDN/remote
and logon as the administrator, will the same issue occur?
2. Where did you connect, from a LAN computer or an Internet computer?
3. Does the issue occur no matter which computer you use to connect from?
4. Please help me to gather the icwlog.txt: c:\program files\microsoft
windows small business server\support.
5. Please give me the screen shot of the error when you cannot connect to
the computer in RWW.
6. What you cannot visit in RWW, is the computer Terminal Server or just
Windows XP client?

Please send the information to v-robeli@xxxxxxxxxxxxx with subject:
37723123-RWW and New Firewall Problem

If you need further assistance, please don't hesitate to let me know.


Best regards,

Robert Li(MSFT)

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================

This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.

=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
<Thread-Topic: RWW and New Firewall Problem
<thread-index: AcdIpvsktvRYEZkzT5+/HjrXTSpeMA==
<X-WBNR-Posting-Host: 70.66.138.239
<From: =?Utf-8?B?VGlraTM1?= <Tiki35@xxxxxxxxxxxxxxxxxxxxxxxxx>
<Subject: RWW and New Firewall Problem
<Date: Sun, 4 Feb 2007 13:54:01 -0800
<Lines: 21
<Message-ID: <10EF0FB4-A962-4B42-A18A-F728903A2DCA@xxxxxxxxxxxxx>
<MIME-Version: 1.0
<Content-Type: text/plain;
< charset="Utf-8"
<Content-Transfer-Encoding: 7bit
<X-Newsreader: Microsoft CDO for Windows 2000
<Content-Class: urn:content-classes:message
<Importance: normal
<Priority: normal
<X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2757
<Newsgroups: microsoft.public.windows.server.sbs
<Path: TK2MSFTNGHUB02.phx.gbl
<Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:14891
<NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
<X-Tomcat-NG: microsoft.public.windows.server.sbs
<
<Hi Everyone:
<
<I am hoping that someone has seen this problem before. One of my clients
is
<running SBS 2003-(All Clients running XP Pro in the office). Their
previous
<firewall was an older SonicWall and OWA and RWW from the Internet worked
as
<it should. Installed a new Fortigate firewall and mapped ports 443, 4125
and
<25 to the server (192.168.1.10). Outlook Web Access after the new firewall
<works as it should, but RWW no longer does. When a user goes to access
RWW,
<they see the regular login screen and then the appropriate list of client
<computers to connect to, but always receive the client could not
<connect...remote connections might not be enabled...message when they try
and
<choose one. There is a SSL VPN feature on the firewall which I have
enabled,
<but enabling or disabling this feature has no effect. So currently to
access
<their desktops, they have to open up a SSL VPN connection, and then use
<Remote Desktop via IP address to get to their desktop. Too many steps,
<cumbersome to setup initially and would prefer the old RWW method. Does
<anyone have any ideas?
<
<Thanks very much,
<
<Mike
<

.

Relevant Pages

  • RE: VBScript: Remote Desktop Disconnected
    ... I have a client with the same exact scenario. ... Rdp via RWW works fine from ... On the SBS 2003 Server open the Server Management console. ... When navigating to the Firewall page, ...
    (microsoft.public.windows.server.sbs)
  • Re: Remote Connection Issue
    ... > If you want to connect to connect to the SBS server box and the LAN client ... you can use the RWW site ... > all related settings in ISA, IIS and firewall automatically. ... >>through port number 3389 and a workstation on the LAN through port number ...
    (microsoft.public.windows.server.sbs)
  • Re: Remote Admin Tools source code for Delphi 4,5,6 & 7
    ... this way I guess the traffic is outbound form the client to ... be remoted and opens up a channel on the firewall. ... the actual client you are going to remotely control. ... all using the same configuration and one Port on your machine. ...
    (borland.public.delphi.thirdpartytools.general)
  • Re: open a certain port
    ... My firewall client is enabled. ... set the option to bypass proxy for internal addresses ... ISA 2004 by default allows only SSL through port 443. ...
    (microsoft.public.isa.configuration)
  • Re: two way communication using NAT and port forwarding
    ... >> How does instant messengers like ICQ work from behind the firewall. ... >> seems to be done using NAT or port forwarding. ... A central server maintained by the creators of the messenger ... >> When the client messenger initiates a request from private IP like ...
    (comp.security.firewalls)
Quantcast