Re: Companyweb + Client's firewalls

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

So, Scott, your other solution is to bring a laptop with wireless access /
Verizon PC card with you, and connect up to your server and avoid going
through your customer(s) networks and firewalls.

--
Kevin Weilbacher [SBS-MVP]
"The days pass by so quickly now, the nights are seldom long"


"Lanwench [MVP - Exchange]"
<lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:%23TX9UwtrHHA.1476@xxxxxxxxxxxxxxxxxxxxxxx
Scott Shinnie <ScottShinnie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
I have had the following problem for months and grateful if anyone can
suggest a workaround.

We have companyweb setup and accessible externally (home broadband
etc) using remote.domain.com:444. System prompts for credentails and
access is fine. However, access to companyweb from customer sites
does not work i.e. from within customer network/firewall.

I assume this is because the customer's firewall blocks the use of
port 444 but allows 443 as we can access owa, RWW etc.

Yes.

As a
workaround I setup a terminal server within our network hoping that
clients could access the application sharing server via RWW and
basically access companyweb locally. However I also get an error
using this method - vbscript:remote desktop dicsonnected. I assume
because port 4125 is blocked by customer outgoing.

Correct.

We have requested
these ports be opened but months have passed without this being
implemented.

Can anyone suggest a way forward to avoid requesting each customer to
open the firewall for ports 4125, 3389 and 444.

No - this is something they need to do.

Assume I could use the vpn option of SBS but suspect the port may
also be blocked.

I'd be surprised if it weren't. Generally, if outbound traffic is blocked
at all, you're limited to HTTP/80 andHTTPS/443.


I have read responses on the web that sugest that companyweb can run
on port 443 but not sure if this is a good idea.

No - don't muck with anything.

I only have a
single NIC setup on the SBS server.

Thanks in advance

This is something that whomever manages these networks will have to deal
with - toss the ball in their court. If you're supposed to be doing X Y
and Z while on their networks, they'll need to open the ports you need to
do so.



.

Relevant Pages

  • Re: Companyweb + Clients firewalls
    ... was firewall related but tests have now shown that some sites can access the ... and connect up to your server and avoid going ... port 444 but allows 443 as we can access owa, ... This is something that whomever manages these networks will have to deal ...
    (microsoft.public.windows.server.sbs)
  • Re: T-Mobile Secure Mail Connector broken since Sept 14, help?
    ... Use a colon to separate from the servername and the port. ... "A NEW T-Mobile Subscriber" wrote in message ... > initiating SMTP connections to my mail server. ... >> Customer 09/18/2004 10:21 PM ...
    (microsoft.public.pocketpc.phone_edition)
  • Re: MSMTP Authorization
    ... I don't know msmtp, so I don't know if it's a problem. ... mail server on dynamic IPs listed in the PBL?" ... The Spamhaus PBL enables networks to enforce this ... tcp port 25" and ...
    (comp.mail.mutt)
  • Re: Inaccessible Port 80 - Pentest
    ... Demo of a service restricted to a specific customer or set of customers. ... It's easy to set up, put a server in a DMZ, static it to a public IP, and use the firewall ACLs to restrict access to those allowed to access it via source IP. ... revealed only port 80 open which sounded ok. ... Internet, open one port on it and then block it from public use? ...
    (Pen-Test)
  • Re: PDCs , dhcp and dns, and broadband router -- seeking opinions on best config
    ... > I am asking for advice or comment on the suggestions my customer ... > own address for DNS ... > the SERVER as the sole DNS server ... > I think this is a common config in such size networks, ...
    (microsoft.public.win2000.networking)