Re: Cannot connect to RWW from home PC

Hi John,

Please post the ipconfig/all from the server and a client.
If you have a router, you need to forward ports in the router to the
external nic IP.

--
Regards,

Marina Roos
Microsoft SBS-MVP
One of the Magical M&M's
www.smallbizserver.net
Take part in SBS forum: http://www.smallbizserver.net/Default.aspx?tabid=53
"johnm" <jmorton@xxxxxxxxxxxx> wrote in message
news:uy$71cliIHA.4080@xxxxxxxxxxxxxxxxxxxxxxx
Hi Larry
Just picked up your post - many thanks

it's jcm-group.com not jmc by the way ;-)

I'll let you know how it goes
Thanks again, John
-------------------------------------------
"Larry Struckmeyer" <lstruckmeyer(at)mis-wizards(dot)com> wrote in message
news:uBnmHJhiIHA.4396@xxxxxxxxxxxxxxxxxxxxxxx
I just tried to ping mail.jmc-group.com and got no reply... not even the
DNS listing.

Then to telnet to that url, same result.

Is that is the correct url - domain name for your mail server?

DNS stuff says your mail server is responding with reply that is not MS
Exchange server on IP: 74.208.5.4 That is probably different that what
you will get from the next line:

Go to www.whatsmyip.com and get your public ip address.

run the CEICW and use the ip address for the certificate.

It would help us if you posted it. You can munge it, but since it is
public there is really no reason:

*72*48*178*33*

is not going to get picked up by any bots.

Is your setup like this:

inet - ISA Device - SBS Nic2 - SBS - SBS Nic 1 - Switch - Workstations

You have to know that two things are setup and working.... the address
for RWW, which if you use the IP you can't mess that up, and that the ISP
allows the necessary ports to pass their systems and the "little box"
they gave you. You might want to call them and verify they are not
blocking 25, 443, 444, 4125. Additionaly, if you ever hope to do VPN you
need 1723.

In the end, if you want to use something besides the ip address, you will
need a public DNS record for your public ip address. The referenced name
can be practically anything, but it has to point to the ip address you
get from www.whatsmyip.com . Then you use that name in the CEICW for the
certificate, and in the browser for remote access.


--
Larry


"johnm" <jmorton@xxxxxxxxxxxx> wrote in message
news:eqmPmsgiIHA.4140@xxxxxxxxxxxxxxxxxxxxxxx
Hi Larry
Thanks
No no hardware firewall/router just the simple box that came from
telefonia - it's all through ISA.
When we setup this new SBS2003 setup we installed without ISA as it does
form part of the basic install - we did this a week or so later - we are
not seeing any problems anywhere regards internet or email - we also run
goldmine CRM with 20+ POP3 accounts and all works great - just this
blessed RWW - it's driving me mad....

No haven't added anything to ISA apart from that one port - which I will
delete tomorrow.
We do have 2 nic setup - one for internal and one for ADSL

Regards running CEICW - yes I had realised that and maybe something went
wrong when we installed ISA server from standard setup - but there were
no errors shown at all.

Where do you set up the forwarding for ports 443 and 4125 from router to
SBS? I do not recall needing to do anything with the ADSL modem other
than set the IP addresses for it. Maybe thats where the problem lies -
problem is it will be in Spanish!
TIA, John

"Larry Struckmeyer" <lstruckmeyer(at)mis-wizards(dot)com> wrote in
message news:uylMEZgiIHA.3940@xxxxxxxxxxxxxxxxxxxxxxx
Is there a hardware firewall/router between your server and the
internet?

Do not trust the PnP facility of the Wizard or your router / firewall.
Connect to the device with your browser (follow the setup instructions
for the device) and forward the ports to the nic in your SBS that
listens on the internet. For a two nic server, that is know as the
external nic.

Do not add things to ISA,,,, CEICW does this for you. If you have been
adding and subtracting things from ISA you may have messed it up beyond
the ability of this forum.

I would strongly consider uninstalling ISA, getting the RWW etc to
work, then reinstalling ISA. You have to run the CEICW after each un
install re install, as it does it differently for a ISA installation.

--
Larry


"johnm" <jmorton@xxxxxxxxxxxx> wrote in message
news:%237pxyPgiIHA.5956@xxxxxxxxxxxxxxxxxxxxxxx
Hi Marina and everyone who has tried to help me

Thank you for your help

Yes I have run CEICW - looking in the log I'm on number 'icwdetails11'
and yes I enabled the firewall as one of the options during running
the setup wizard.

I think I'm going around in something of a loop here - so any help
would be greatly apprecieted. Obviously missing something obvious
somewhere!

This is what I have right now.

If I run RWW from my PC within the network using our FQDN it works
perfectly - and what a super facility this is! When I finally get it
working from the internet that is....

I am running ISA 2000 so I'm sort of assuming that if something hasn't
been setup correctly using the wizard that it can be added in ISA
management?
When I look in Access Policy -> IP Packet Filter
I see port 443 in and out
I did not see port 4125 so I added it
I did not see port 444
You say forward 443 and 4125 from router to SBS - where exactly do I
do this - is this done in ISA -> Network Configuration -> Routing?
What do I have to put in there?

We ran SBS2000 for 6 years - never had any of this - 2003 seems a lot
more security minded. I'm sure it's easy once you get your head round
it and much better. On the whole it's been running for 2 months now
without that many problems - we are running all the latest fixes (more
or less) apart from upgrading to ISA2004 - we are waiting for the CD
to arrive from MSoft

But RWW we need to fix - very handy for working from home
TIA
John
----------------------------------------------------------------------------------------------0
"Marina Roos [SBS-MVP]" <marina@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:eh23EQSiIHA.4536@xxxxxxxxxxxxxxxxxxxxxxx
Hi John,

It doesn't have port 443 open, so it can't even listen and get you to
that page on your server. Have you run CEICW and enabled the
firewall, including the services like RWW that you would like to
use? In the router you will have to forward port 443 and 4125 (needed
for RWW) to your SBS.

--
Regards,

Marina Roos
Microsoft SBS-MVP
One of the Magical M&M's
www.smallbizserver.net
Take part in SBS forum:
http://www.smallbizserver.net/Default.aspx?tabid=53
"John Morton" <johnm@xxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:uBc3JgRiIHA.3940@xxxxxxxxxxxxxxxxxxxxxxx

Hi again
Well maybe I'm missing something here but I tried as suggested using
https://mail.jcm-group.com/remote and still nada!
Getting this below. I can ping jcm-group.com - which has a fixed IP
but cannot get this to work - such a brilliant facility as well
Any further advise ould be greatly apprecieted.
John
message as below:-
--------------------------------------------------------
The page cannot be displayed
There is a problem with the page you are trying to reach and it
cannot be displayed.
--------------------------------------------------------------------------------

Please try the following:

a.. Click the Refresh button, or try again later.

b.. Open the Web site home page, and then look for links to the
information you want.
c.. If you believe you should be able to view this directory or
page, please contact the Web site administrator by using the e-mail
address or phone number listed on the Web site home page.
10060 - Connection timeout
Internet Security and Acceleration Server

--------------------------------------------------------------------------------

Technical Information (for support personnel)

a.. Background:
The gateway could not receive a timely response from the Web site
you are trying to access. This might indicate that the network is
congested, or that the Web site is experiencing technical
difficulties.

b.. ISA Server: jcmsbs1.JCMGroup.local
Via:

Time: 3/18/2008 4:44:27 PM GMT
"Larry Struckmeyer" <lstruckmeyer(at)mis-wizards(dot)com> wrote in
message news:uGqfqx0hIHA.1184@xxxxxxxxxxxxxxxxxxxxxxx
Hi John:

When you run the CEICW you put in the address of your RWW page.
This address must be either your public IP address, or an URL
address for which there is a public DNS record.

If you are receiving mail at your exchange server you have such a
record already. Normally this would be something like
"mail.yourdomain.com", which would point to your public IP address,
so in the CEICW you put "mail.yourdomain.com". It does not have to
be that, and you can add public DNS records that point to
"fuzzy_slippers.yourdomain.com" if you wish.

The last step is to forward the ports required, 443, 444, 4125 from
whatever router/firewall device sits at that ip address to the ip
address of the listening nic ip in your SBS.

Then from outside the LAN you point your browser to
"mail.yourdomain.com/remote" to hit the RWW page, where you can
select which service to use.

--
Larry


"johnm" <jmorton@xxxxxxxxxxxx> wrote in message
news:undetR0hIHA.1944@xxxxxxxxxxxxxxxxxxxxxxx
Hi

I cannot logon to RWW from my home PC no matter what I try

I am using our FQDN : although beginning to wonder if this is set
up correctly - as surely should include something with .com maybe?
https://jcmsbs***.jcmgroup.local/remote I get this page in IE and
error message from Firefox :-

Internet Explorer cannot display the webpage

Most likely causes:
a.. You are not connected to the Internet.
b.. The website is encountering problems.
c.. There might be a typing error in the address.

What you can try:
Diagnose Connection Problems

More information

This problem can be caused by a variety of issues, including:

a.. Internet connectivity has been lost.
b.. The website is temporarily unavailable.
c.. The Domain Name Server (DNS) is not reachable.
d.. The Domain Name Server (DNS) does not have a listing
for the website's domain.
e.. If this is an HTTPS (secure) address, click Tools,
click Internet Options, click Advanced, and check to be sure the
SSL and TLS protocols are enabled under the security section.

For offline users

You can still view subscribed feeds and some recently viewed
webpages.
To view subscribed feeds

1.. Click the Favorites Center button , click Feeds, and
then click the feed you want to view.

To view recently visited webpages (might not work on all
pages)

1.. Click Tools , and then click Work Offline.
2.. Click the Favorites Center button , click History, and
then click the page you want to view.




This address works from my workstation within the sbs2003 network
but not from outside. Can someone please advise?
Many thanks, John




















.