Re: Webmail not working

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Thanks for replying Les,
I am currently VPN'ing to test the connection before I go live with
forwarding the internet domain to the router IP.

In the end I am going to configure the router to have two IP addresses on
the public side and the SBS will occupy one of those so that any access to
the router with one of my public addresses will automatically forward to the
ISA box.

The test should work with me VPN'ing to the External side of ISA.

I am reluctant to change the name of the certificate as when I ping the
listener name it resolves to the correct IP address.


"Les Connor [SBS MVP]" wrote:

b) use the router as a simple nat device, port forwarding what you need for
the SBS features you select

.... with the SBS as the VPN endpoint, rather than the router.

--
Les Connor [SBS MVP]


"Les Connor [SBS MVP]" <les.connor@xxxxxxxxxxxx> wrote in message
news:E82A72E7-B1DD-45DA-AD7A-8E30FBC685A0@xxxxxxxxxxxxxxxx
SBS is simple? Where did you get that from ;-)..

I don't know why you'd want to VPN to your router - but in order for that
to work the way you've got your network configured, you'd need to enter
192.168.0.x as the certificate name when you run the CEICW.

If VPN is something you need, then I'd suggest you do one of two things:

a) remove a nic (and ISA server firewall) on your SBS so it's single
homed, or:
.


--
Les Connor [SBS MVP]


"marcm" <marcm@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:23383C9E-8302-415E-BD74-99333657B256@xxxxxxxxxxxxxxxx
I have run the CEICW again and reconfigured the firewall and access
settings
but I still cannot access even via external IP address.

I VPN to router so I am on the same IP range as the External NIC. Enter
https://192.168.0.x/Exchange and I get the page cannot be displayed.
Enter http://192.168.0.x/Exchange and I get Error Code: 403 Forbidden

I'm lost as to what to do. I thought SBS was supposed to be simple.

"Les Connor [SBS MVP]" wrote:

You can use http://aaa.bbb.ccc.ddd/remote or /exchange - i.e. a public
IP
address.

But to do so successfully, you must name your certificate
aaa.bbb.ccc.ddd
when you run the Connect to the Internet Wizard. Don't run any ISA
wizards,
they're not SBS aware. If you're not an ISA expert, you must let the
CEICW
set your ISA rules.

--
Les Connor [SBS MVP]


"marcm" <marcm@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:369D03DB-3ACD-4F30-B718-DB6B32482900@xxxxxxxxxxxxxxxx
Hi,
I understand that I need to enter the certificate but if I am
accessing he
server from the WAN side via a router all I can do is reference an IP
address
or at best point my domain name at the published IP address of my
router.
That would then allow me to address via name. But I would stil have
the
same
problem.

I have an SBS server with dual Nics so this enables me to run ISA2004
as
well to firewall the server.

So I have:

Router <----->192.x.x.x(Nic1)--ISA--SBS2003--(Nic2)--10.x.x.x

I can address the published name publising.XXX.local, this was
generated
when I created the certificates to allow https.

The annoying thing is that all the ISA rules are set up for the OWA
RWW
etc.
but I cannot see the forwarding. THe log of ISA shows that the
session
was
opened and then closed and the forwarding request is lost. It never
get
to
publishing.XXX.local but it is stated in the rules.

Its all very confusing. I will need to be able to access via IP
address
as
I need to forward ports from the router to the server and I cant
reference
the server by name from the internet, I have to do it by IP or domain
name.


"Douglas Boyd [MSFT]" wrote:

Hello

When using ISA on the server by default, you will need to provide the
fully
qualified server name that you provided when you ran the ciecw and
created
the certificate. So if you used mail.abc.com when you ran the ceicw,
you
will enter http://mail.abc.com/remote exchange or
https://mail.abc.com/remote or exchange. If you use the name and then
try
the ip address http://xxx.xxx.xxx.xxx/remote you will get a 403.6
error
reported.

I hope this helps

Doug Boyd
dboyd@xxxxxxxxxxxxxxxxxxxx

This post is provided "AS IS" with no warranties and confers no
rights





.

Relevant Pages

  • Re: RWW Timing
    ... If you have installed ISA, ... Expand the server node and highlight ''Monitoring''. ... In the following website you can find many useful resources related to SBS ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Re: Server/Network setup question
    ... currently the users are getting IP addresses from DHCP on the router. ... SBS server a static IP address in the same range as the router. ... be in a subnet that is different from the SBS LAN (with their own Internet ...
    (microsoft.public.windows.server.sbs)
  • Re: Problem Configurating Firewall
    ... Isa Server Job Scheduler ID 7001 ... A SBS 2003 R2 Premium server. ... connected to the internet thru a router. ...
    (microsoft.public.windows.server.sbs)
  • Re: Server/Network setup question
    ... By performing a full installation yourself, looking at what you may wish to ... IP Address/mask, same subnet as router. ... An SBS installation is complete _ONLY_ after all items in the ... My server is coming with SBS pre-installed. ...
    (microsoft.public.windows.server.sbs)
  • Re: Urgent! New router and big disaster
    ... DNS on your server is broken. ... Les Connor [SBS Community Member - SBS MVP] ... and put in the ip of the router. ... The local router has the broadband connection ...
    (microsoft.public.windows.server.sbs)