Re: Internal access to external website.

3. is actually that the request is being sent to his router (WAN IP) and the
router is not properly handling 'loopback processing'. 'WebAdmin' is the
router's configuration pages.

'Loopback processing' being where a client on the LAN side of the router
requests a service on the WAN IP which theoretically should be forwarded to
the SBS (or some other box) using the router's port forwarding rules. Most
'commodity' routers do not handle it properly, matter of fact I don't know a
single one that does. More 'high end' equipment handles it properly, but
even then not always.

"Cris Hanna [SBS-MVP]" <crisnospamhanna@xxxxxxxxxxxxxxxxxxxxx> wrote in
message news:O5lMPJHgIHA.4880@xxxxxxxxxxxxxxxxxxxxxxx
1. You should not be hosting any website on your sbs box...you are just
asking to have your server compromised...its not a matter of if...just a
matter of when

2. Move your site to godaddy or some other national hosting company for
about 5.00 a month and this issue goes away and your network is more secure

3. Your issue has to do local DNS not resolving properly and security on
the site.

--
Cris Hanna [SBS-MVP]
-------------------------------------------------
Microsoft MVPs
Independent Experts (MVPs do not work for MS)
Real World Answers
---------------------------------------------------------
Please do not contact me directly regarding issues

"Charles" <Charles@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:B144A965-47D6-4545-976B-FE96356939ED@xxxxxxxxxxxxxxxx
Hello,

I have a sbs 2003 box with thats hosting a few static html pages for an
external website. The problem is is that when a user tries to access the
external website from a workstation attached to the network by simply
typing
the web address in their IE address line they are prompted with the
following
login popup window that states: (I altered the web address)

The server www.xxx.com at WebAdmin requires a username and password.

Warning: This server is requesting that your username and password be sent
in an insecure manner (basic authentication without a secure connection).

All users including the admin are prompted with this request and when we
try
typing in the server name in the address line such as http://xxx-sbserver
a
401 unauthorized page is returned.

None of their login id's or passwords work on the login popup. The
website
works just fine externaly as well as the other RWW features.(from
internet)

Any ideas?

Thanks, Charles


.

Relevant Pages

  • Re: No inbound email from external domains -- please help!
    ... Was not particularly pointing at you with the comment about disclosing the info needed, but you would be amazed at what gets XXXXX'd out when people request help in this space. ... except for the error that the tool cannot reach your mail server. ... My guess is that your router took a hit. ... verify that the wan facing nic and the inside port on the router are still in the same subnet. ...
    (microsoft.public.windows.server.sbs)
  • Re: Secruing IIS 6.0 & Windows 2003 Small Business Server
    ... router that sits between your intranet and internet. ... you're pretty much done on the second web server configuration using ... IIS6 -- and any further ... Set up SSL on this external website using a self-signed certificate ...
    (microsoft.public.inetserver.iis.security)
  • Re: No inbound email from external domains -- please help!
    ... I can telnet the SMTP server internally, ... I don't know how to verify router forwarding all 25 request to wan side. ... Your server is not responding to any telnet requests. ...
    (microsoft.public.windows.server.sbs)
  • Re: DNS server with internal IP
    ... LAN machines, including the server itself, to use the local server forDNS. ... can use the one which your router uses if you like. ... If the request is for a local machine or AD resource, ... server will forward the request to the externalDNSserver, ...
    (microsoft.public.windows.server.networking)
  • Re: VPN error 721
    ... Error 721 is usually caused by the router (or some other router/firewall in ... Without any changes to the server, the clients, ... > then the request for authentication, ... > to drop the connection. ...
    (microsoft.public.win2000.ras_routing)