Re: Configuring SBS2003 for OWA and RWW
- From: Pessable <pessable@xxxxxxxxx>
- Date: Wed, 25 Jun 2008 07:14:19 -0700 (PDT)
On Jun 24, 7:48 pm, Joe <j...@xxxxxxxxxxxxxx> wrote:
Have you got ISA running? The standard SBS is OK by default.
It's SBS standard so no ISA.
- Created Port Forwards from the external IP address to the server
internal IP address:
+ 25, 80, 443, 444, 1723, 4125, 3389
OWA uses 443 only, RWW needs 443 and 4125. 80 and 3389 are unnecessary,
and not recommended as they are common targets for crackers. 1723 is
used only by PPTP VPN, and then it must be accompanied by IP protocol
47, so it's no use at all on its own.
I took a (temporary) blunderbuss approach on the basis that if I got
it working I could shut them down one at a time.
There are two certificate issues: one arises if your certificate is not
trusted by the web browser, and if you've generated it yourself with the
CEICW, then outside the domain it won't be. The answer to that is to
either import the server's root certificate, which is a bit of a
nuisance, or to tell IE to trust and import the one it's being offered.
With IE7 you need administrative privileges to do that, which is pretty
daft in a domain situation.
The other issue is the exact name. The point of server certificates is
to guarantee that the server is indeed the one corresponding to the URL
you typed, and the browser is supposed to complain if it isn't. The
problem if you use the web services from both inside and outside the
network is that the certificate is created for only one URL. The usual
answer is to bodge the DNS system so the users on the LAN can reach the
web page by typing the external URL. Most routers won't allow that
directly, so you probably need a DNS record mapping the external name to
the internal IP address. You are always offered the option of using the
web site anyway, even if the certificate doesn't match, so it won't
actually prevent access, though you may have to hit IE7 quite hard to
get it to see sense.
I'm not getting that far I don't think.
Try using Firefox from outside tohttp://mail.name.com/exchange, which
should give you OWA.
When I try this it changes the link to https://... and I get:
Failed to Connect
The connection was refused when attempting to contact
mail.name.com
It will allow you to override the certificate
issues. Microsoft finally got the message about browser security, but
they went a bit over the top, which only encourages people to disable
the security features. Persuading IE7 to do something it doesn't want to
is not always intuitive. Firefox won't do RWW, as that requires an
ActiveX control and therefore IE6 or 7. You may also need to kick it to
get it to allow an ActiveX installation.
I've been trying everything in IE7, FF2 and FF3 anyway, just in case
it gave me any clues. Will OWA work in Firefox? I guessed not, but I
thought it might at least get me to the RWW selection menu.
I feel its something to do with certificates, but I don't know what...
Pessable.
.
- Follow-Ups:
- Re: Configuring SBS2003 for OWA and RWW
- From: Joe
- Re: Configuring SBS2003 for OWA and RWW
- References:
- Configuring SBS2003 for OWA and RWW
- From: Pessable
- Re: Configuring SBS2003 for OWA and RWW
- From: Joe
- Configuring SBS2003 for OWA and RWW
- Prev by Date: Re: Event ID 1030 + 1058 on workstation + no access so system shares
- Next by Date: Re: Exchange SP2 18GB Limit
- Previous by thread: Re: Configuring SBS2003 for OWA and RWW
- Next by thread: Re: Configuring SBS2003 for OWA and RWW
- Index(es):
Relevant Pages
|
