Re: Publish Web Server behind SBS 2003 Standard

Hello Customer,

Thank you very much for sharing your resolution. I appreciate your time on
this post.

I'm glad to hear that things are working correctly for you now. Please do
not hesitate to post in this great newsgroup if you need any assistance in
the future. I look forward to working with you again.

Thank you and have a nice day,

Best regards,

Terence Liu(MSFT)

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| From: jointtechnologiesltd@xxxxxxxxx
| Newsgroups: microsoft.public.windows.server.sbs
| Subject: Re: Publish Web Server behind SBS 2003 Standard
| Date: 22 May 2007 22:10:53 -0700
| Organization: http://groups.google.com
| Lines: 232
| Message-ID: <1179897053.593237.108870@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
| References: <1177564595.037724.200670@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
| <lSwXvuJiHHA.6068@xxxxxxxxxxxxxxxxxxxxxx>
| NNTP-Posting-Host: 208.179.125.107
| Mime-Version: 1.0
| Content-Type: text/plain; charset="iso-8859-1"
| X-Trace: posting.google.com 1179897054 30235 127.0.0.1 (23 May 2007
05:10:54 GMT)
| X-Complaints-To: groups-abuse@xxxxxxxxxx
| NNTP-Posting-Date: Wed, 23 May 2007 05:10:54 +0000 (UTC)
| In-Reply-To: <lSwXvuJiHHA.6068@xxxxxxxxxxxxxxxxxxxxxx>
| User-Agent: G2/1.0
| X-HTTP-UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3,gzip(gfe),gzip(gfe)
| X-HTTP-Via: 1.1 JTLSERVER1
| Complaints-To: groups-abuse@xxxxxxxxxx
| Injection-Info: q66g2000hsg.googlegroups.com;
posting-host=208.179.125.107;
| posting-account=eR1cRA0AAAD8LQi74ZHdx504lv1DOuSg
| Path:
TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS01.phx.gbl!newsfeed0
0.sul.t-online.de!t-online.de!border2.nntp.dca.giganews.com!border1.nntp.dca
giganews.com!nntp.giganews.com!postnews.google.com!q66g2000hsg.googlegroups
com!not-for-mail
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:38786
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| I ended up plugging another router into the WAN. then changed the
| default gateway on the webserver to point to the router instead of the
| sbs. however the router gets its DNS from the SBS as well.
| Everything works internally and I can access the website without the :
| 8080
|
| thanks for your replies.
|
| On Apr 27, 12:14 am, v-ter...@xxxxxxxxxxxxxxxxxxxx (Terence Liu
| [MSFT]) wrote:
| > Hello Customer,
| >
| > Thank you for posting here.
| >
| > According to your description, I understand that you want to forward
http
| > connection fromSBS2003standardto internalwebsite. If I have
| > misunderstood the problem, please don't hesitate to let me know.
| >
| > First, we do not support install more than 2 NIC onSBS, that will cause
| > some unknown issue.
| >
| > Based on my research, I have 3 methods to work around your issue:
| >
| > Method 1: MakeSBSas single NIC
| >
| > 1. Remove or disable the other NICs onSBS, to make it as a single
NICSBS.
| >
| > 2. Please run the CEICW
| > Go through the follow KB and Rerun CEICW again carefully.
| >
| > How to configure Internet access in Windows Small
BusinessServer2003http://support.microsoft.com/kb/825763/en-us
| >
| > 3. ConnectSBSand internal clients to a switch, then to your Router.
After
| > that, use Router to do NAT, listening on different IPs or Ports, and
| > forward to different internal servers.
| >
| > Method 2: Different ports
| >
| > 1) Run rrasmgmt.msc inSBS2003
| >
| > 2) Extend IP Routing and you should see the NAT/Basic Firewall node
| >
| > 3) Highlight NAT/Basic Firewall and you will seeSBSserverexternal
| > network interface on right (By default the interface name should be
| > "Network Connection".
| >
| > 4) Right-click Network Connection interface select Properties
| >
| > 5) Click Address Pool, click Add button,
| >
| > 6) Input the additional public IP address and the Start address and End
| > address box, then input net mask of this IP address, click OK
| >
| > 7) Click Services and Ports tap, click Add button
| >
| > 8) Enter the description, select On this address pool entry, input the
| > additional public IP, select TCP, input 80 in Incoming port box, input
| > 10.0.0.5 in Private address box, input 80 in Outgoing port box.
| >
| > 7) Click OK twice
| >
| > Then you can access thewebsite
viahttp://www.domainname.com:8080orhttp://PublicIP:8080
| >
| > Method 3: Different public IPs
| >
| > 1. Please run the CEICW
| > Go through the follow KB and Rerun CEICW again carefully.
| >
| > How to configure Internet access in Windows Small
BusinessServer2003http://support.microsoft.com/kb/825763/en-us
| >
| > 2. Add second public IP on theSBSexternal NIC
| >
| > 3. Forward port in RRAS
| >
| > 1) Run rrasmgmt.msc inSBS2003
| >
| > 2) Extend IP Routing and you should see the NAT/Basic Firewall node
| >
| > 3) Highlight NAT/Basic Firewall and you will seeSBSserverexternal
| > network interface on right (By default the interface name should be
| > "Network Connection".
| >
| > 4) Right-click Network Connection interface select Properties
| >
| > 5) Click Services and Ports tap, click Add button
| >
| > 6) Enter the description, select TCP, input 8080 (any other different of
| > 80) in Incoming port box, input 10.0.0.5 in Private address box, input
80
| > in Outgoing port box.
| >
| > 7) Click OK twice
| >
| > Then you can access thewebsite
viahttp://www.domainname.comorhttp://AdditionalPublicIP
| >
| > Note: If you add more than one IP address onSBSnetwork interface, the
| > CEICW will been broken. So we can not run CEICW again after the steps.
| >
| > Hope these steps will give you some help.
| >
| > Thanks and have a nice day!
| >
| > Best regards,
| >
| > Terence Liu(MSFT)
| >
| > Microsoft CSS Online Newsgroup Support
| >
| > Get Secure! -www.microsoft.com/security
| >
| > =====================================================
| > This newsgroup only focuses onSBStechnical issues. If you have issues
| > regarding other Microsoft products, you'd better post in the
corresponding
| > newsgroups so that they can be resolved in an efficient and timely
manner.
| > You can locate the newsgroup
here:http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| >
| > When opening a new thread via thewebinterface, we recommend you check
the
| > "Notify me of replies" box to receive e-mail notifications when there
are
| > any updates in your thread. When responding to posts via your
newsreader,
| > please "Reply to Group" so that others may learn and benefit from your
| > issue.
| >
| > Microsoft engineers can only focus on one issue per thread. Although we
| > provide other information for your reference, we recommend you post
| > different incidents in different threads to keep the thread clean. In
doing
| > so, it will ensure your issues are resolved in a timely manner.
| >
| > For urgent issues, you may want to contact Microsoft CSS directly.
Please
| > checkhttp://support.microsoft.comfor regional support phone numbers.
| >
| > Any input or comments in this thread are highly appreciated.
| > =====================================================
| >
| > This posting is provided "AS IS" with no warranties, and confers no
rights.
| >
| > --------------------
| > | From: jointtechnologies...@xxxxxxxxx
| > | Newsgroups: microsoft.public.windows.server.sbs
| > | Subject:PublishWebServerbehindSBS2003Standard
| > | Date: 25 Apr 2007 22:16:35 -0700
| > | Organization:http://groups.google.com
| > | Lines: 62
| > | Message-ID: <1177564595.037724.200...@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
| > | NNTP-Posting-Host: 208.179.125.107
| > | Mime-Version: 1.0
| > | Content-Type: text/plain; charset="iso-8859-1"
| > | X-Trace: posting.google.com 1177564602 20639 127.0.0.1 (26 Apr 2007
| > 05:16:42 GMT)
| > | X-Complaints-To: groups-ab...@xxxxxxxxxx
| > | NNTP-Posting-Date: Thu, 26 Apr 2007 05:16:42 +0000 (UTC)
| > | User-Agent: G2/1.0
| > | X-HTTP-UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
| > rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3,gzip(gfe),gzip(gfe)
| > | X-HTTP-Via: 1.1 JTLSERVER1
| > | Complaints-To: groups-ab...@xxxxxxxxxx
| > | Injection-Info: t38g2000prd.googlegroups.com;
| > posting-host=208.179.125.107;
| > | posting-account=eR1cRA0AAAD8LQi74ZHdx504lv1DOuSg
| > | Path:
| >
TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS02.phx.gbl!newsfeed0
| >
0.sul.t-online.de!t-online.de!border2.nntp.dca.giganews.com!nntp.giganews.co
| >
m!out03b.usenetserver.com!news.usenetserver.com!in02.usenetserver.com!news.u
| >
senetserver.com!postnews.google.com!t38g2000prd.googlegroups.com!not-for-mai
| > l
| > | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:32698
| > | X-Tomcat-NG: microsoft.public.windows.server.sbs
| > |
| > | Port forwardingSBSStandard
| > |
| > | I have 2 NICSBS2003Standard. I have 5 useable Public IPs I can
| > | use. Currently I'm using one of them.
| > | I need to host a webserverbehindthe SBSie insde the LAN because it
| > | needs to access theSBSas well as being publicly visable.
| > |
| > | In the past (and Curently in my home setup) I have forwarded certain
| > | ports to a LAN IP. This was fine when it was a portSBSdidnt use
| > | anyway. I did this in routing and remote access snapin - nat/basic
| > | firewall and adding a new service port and forwarding it to the
| > | internal IP.
| > |
| > | With ISA it would be easy to use either host headers or filter traffic
| > | by IP by simply publishing the webserver.
| > |
| > | Unfortunately I'm dealing withStandardso no ISA...
| > |
| > | So after all that, my question is how can I make port 80 and port 22
| > | publically accesable from inside the lan without breakingSBSRWW/OWA
| > | etc? I can do this using Host headers or IP address.
| > |
| > | OK so after hours of playing in routing and remote access I'm no
| > | closer. I have tried adding the other IP address to the network
| > | connection. This is no good andSBSloses it internet access.
| > | I tried adding an IP address pool to the WAN interface and reserving a
| > | public IP for a private computer. This did nothing.
| > |
| > | So From all my playing in RRAS I decided I had it mastered LOL and
| > | figured if I got a 3rd NIC I could give it the IP I wanted and then
| > | send everything to my internal IP through it. NO GO.
| > |
| > | However when I go to the website I can see the 3rd NIC accepting
| > | packets. I also can view mappings on the interface and see the
| > | correct public and private IPs and even my remote IP however the page
| > | times out in my browser.
| > |
| > | I can go to theserverfrom inside the network no problem.
| > |
| > | I tried again adding the ips to the 3rd NICs interface. Tried basic
| > | firewall only. Tried With and Without NAT on the interface. Tried
| > | reserving an address from the address pool and tried with no
| > | firewall. I made sure the service ports on the interface had 80
| > | pointing to the inside IP.
| > |
| > | I'm at a loss. This seems possible with 3 NICs but I can't quite get
| > | it.
| > |
| > | network is
| > |
| > | internet
| > | |
| > | Covad Router - Wide open
| > | |
| > |SBS2003
| > | NIC2 - PublicSBS/Exchange IP (RWW,OWA,SMTP)
| > | NIC3 - Public IP of Website.
| > | NIC1 - Internal IP 10.0.0.4
| > | |
| > | LAN
| > | Webserver - Fedora/Apache 10.0.0.5
| > |
| > |
|
|
|
|

.