Re: Joining workstations across VLAN

Hello Rob,

Thank you for posting here. Let's also thank Steve for the input.

According to your description, I understand that you unable to access
connectcomputer from the other IP subnet. If I have misunderstood the
problem, please don't hesitate to let me know.

Based on my research, I suggest we try the following steps to see if we can
resolve this issue:

1. This issue may occur if you connect to the ConnectComputer server by
using the IP address or the Fully Qualified Domain Name (FQDN) instead of
the server name. When you connect by using the IP or the FQDN, the site
runs under the Internet security zone. The Internet security zone typically
contains higher security settings than the Local intranet security zone.
The ConnectComputer server requires lower security settings to run
correctly.

To resolve this issue ,type the NetBIOS name of the ConnectComputer server
to it. For example, type http:// server name /connectcomputer in the
Microsoft Internet ExplorerAddress box.

You receive an error message when you try to join your computer to a
Windows Small Business Server 2003 domain
http://support.microsoft.com/?id=838431

2. Please rerun the CEICW to reconfigure IIS on SBS:

Go through the follow KB and rerun CEICW carefully.

How to configure Internet access in Windows Small Business Server 2003
http://support.microsoft.com/kb/825763/en-us

Detailed steps for your reference:

a. On the SBS 2003 Server open the Server Management console. Go to
Standard Management\To Do List.

b. Click the "Connect to the Internet" link.

c. When navigating to the Firewall page, select "Enable firewall" and click
Next.

d. On the "Services Configuration" page, select all the items and then
click Next.

e. On the "Web Services Configuration" page, make sure "Allow access to the
entire Web site from the Internet" is selected. If you select "Allow access
to only the following Web site services from the Internet", make sure all
items in the list are selected. Click Next.

f. On the "Web Server Certificate" page, choose to create a new Web server
certificate and then type the public domain name (your public DNS name)
that you will use to access OWA and RWW (for example, if your public domain
name that you use to access the sites is www.xyz.com, you should type
www.xyz.com as the new certificate name).

g. Go through the remaining steps.

3. Check the IP Address and Domain Name Restrictions of the ConnectComputer
Virtual Directory as you did before.

If we cannot resolve the issue after we perform the above steps, please
help me collect some information for further investigation:

1. Does this issue happen when you access ConnectComputer from
192.168.17.0/24 network?

2. Please capture screenshots on the error page and send the pictures to me
at v-terliu@xxxxxxxxxxxxx

3. Gather MPS network report on SBS:

a. Download MPSrepot_network from
http://download.microsoft.com/download/b/b/1/bb139fcb-4aac-4fe5-a579-30b0bd9
15706/MPSRPT_NETWORK.EXE

b. Run MPSRPT_NETWORK.exe.

c. The tool will automatically collect the information. This procedure will
take 10~15 minutes.

d. Open Windows Explorer, navigate to the folder:
%SystemRoot%\MPSReports\Network\Reports\Cab\

e. Send the .cab file directly to me at v-terliu@xxxxxxxxxxxxx

4. Gather IIS log:

a. Open IIS snap-in.

b. Right click Default Web Site and click Properties.

c. Uncheck the "Enable Logging" box and click Apply.

d. Go to C:\WINDOWS\system32\LogFiles\W3SVC1 folder and move all files to a
backup location.

e. Check "Enable Logging" box and click OK.

f. Run IISReset command.

g. Reproduce the problem and send the log file in
C:\WINDOWS\system32\LogFiles\W3SVC1 folder to me for research.

5. Gather IIS Metabase:

1) Download the IIS Resource Kit tools from the following page:
http://www.microsoft.com/downloads/details.aspx?FamilyId=56FC92EE-A71A-4C73-
B628-ADE629C89499&displaylang=en

2) Install it, run MBExplorer (Metabase Explorer)

3) Right click the "LM" node and choose "Export to file".

4) Specify a file name, specify the password and finish the export.

5) Send the file and the password to v-terliu@xxxxxxxxxxxxx

I hope these steps will give you some help.

Thanks and have a nice day!

Best regards,

Terence Liu(MSFT)

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| From: "r042wal" <rob@xxxxxxxxxxxxxxxx>
| References: <C6429DE2-B2B0-4D29-A815-2F1D6EA1D5E6@xxxxxxxxxxxxx>
<xn0fo2kw03c2xs001@xxxxxxxxxxxxxxxxxxxx>
<4BF5E94D-51FB-4D4D-9262-B0B539D767A9@xxxxxxxxxxxxx>
<xn0fo2r5jbq40400b@xxxxxxxxxxxxxxxxxxxx>
| In-Reply-To: <xn0fo2r5jbq40400b@xxxxxxxxxxxxxxxxxxxx>
| Subject: Re: Joining workstations across VLAN
| Date: Mon, 24 Mar 2008 18:32:13 -0400
| Lines: 42
| Message-ID: <8A8E0DB3-17A3-4E29-AFEB-46ED2D7FD052@xxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain;
| format=flowed;
| charset="iso-8859-1";
| reply-type=response
| Content-Transfer-Encoding: 7bit
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Windows Mail 6.0.6001.18000
| X-MS-CommunityGroup-PostID: {8A8E0DB3-17A3-4E29-AFEB-46ED2D7FD052}
| X-MS-CommunityGroup-ThreadID: C6429DE2-B2B0-4D29-A815-2F1D6EA1D5E6
| X-MS-CommunityGroup-ParentID: FD6D1A7D-5CD4-4B00-B217-8C63F592E567
| X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6001.18000
| Newsgroups: microsoft.public.windows.server.sbs
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:99696
| NNTP-Posting-Host: TK2MSFTNGHUB02.phx.gbl 127.0.0.1
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Steve:
|
| I have just reviewed my last 10 SBS installations and they all allow
access
| from "any" IP address for the default web site. Otherwise, how would OWA
| and RWW work? I have never changed IIS on any install so I suspect the
| CEICW does this when you select "allow access to only the following Web
site
| services from the Internet". What do you think?
|
| I do not see how I can add the three internal networks to the default web
| site without killing outside access to OWA, RWW, RPC over HTTPS and OMA.
I
| have to deny access to all IP's in order to grant access to the three
| internal IP's.
|
| Am I missing something here?
|
| Thanks,
|
|
|
| "Steve Foster [SBS MVP]" <steve.foster@xxxxxxxxxxxxx> wrote in message
| news:xn0fo2r5jbq40400b@xxxxxxxxxxxxxxxxxxxxxxx
| > r042wal wrote:
| >
| >>Steve:
| >>
| >>The way the default web site IP restrictions are set by default, "all
| >>computers will be granted access" and the except list is blank. Are
you
| >>suggesiting I change this so that by default, "all computers will be
| >>denied access"?
| >>
| >
| > Default settings for SBS are to restrict access to the Default Web Site
to
| > only the local subnet and localhost (127.0.0.1).
| >
| > If you've already removed those, then you'd need to start looking into
| > event logs and IIS logs to track the error down.
| >
| > --
| > Steve Foster [SBS MVP]
| > ---------------------------------------
| > MVPs do not work for Microsoft. Please reply only to the newsgroups.
|
|

.

Relevant Pages

  • RE: tsweb, RWW, OWA not working
    ... lan as well "HTTP/1.1 500 Internal Server Error". ... Check the properties of the Default Web Site in IIS. ... > that link to work over the internet you have to edit the HTML code. ... You can change this in the IIS Manager, ...
    (microsoft.public.windows.server.sbs)
  • RE: HELP! Strange Problem with Internet Access after Migration
    ... Server, you cannot access your web site www.tapeandmedia.com, but other ... If you are using ISA 2000, there is a known issue when the internal client ... Since the internet computers can access the published web sites, ...
    (microsoft.public.windows.server.sbs)
  • Re: ConnectComputer Problem
    ... modem plugs into the linksys router and the router connects the internet to ... the server internal nic with a generic setting of 192.168.16.2. ... NICs ... Add the ConnectComputer server's IP address or FQDN to the ...
    (microsoft.public.windows.server.sbs)
  • Re: ConnectComputer Vista to SBS 2003 fails
    ... If you use a public proxy server to browse the Intrernet, ... Default web site is not listening on "All Unassigned" for port 80. ... Run CEICW to re-configure the network and firewall on the SBS server. ... Add the ConnectComputer server's IP address or FQDN to the Local Intranet ...
    (microsoft.public.windows.server.sbs)
  • Re: problems publishing owa on sbs2003 with isa2000
    ... On the SBS 2003 Server open the Server Management console. ... Click the "Connect to the Internet" link. ... entire Web site from the Internet" is selected. ... This newsgroup only focuses on SBS technical issues. ...
    (microsoft.public.windows.server.sbs)