Re: Connecting to Exchange Part II

Ethon Bridges <ethonbridges@xxxxxxxxx> wrote:
There is no NAT or filtering. The ISP passes through everything for
us to deal with. The SBS is basically hooked straight up to a public
IP at this point. Firewall device will be installed shortly.

Then "shortly" is when you ought to connect this network to the Internet.
Don't do so without a good firewall! You're running with scissors. It takes
only nanoseconds to get attacked/exploited.

Here's what I did to get it to work: disabled the LAN interface.
Turned off the Window's firewall, then re-enabled it. Now everything
is responding. This leads me to believe that something in SBS
firewall was wacky.

Now onto the next minor (I think) problem in another thread....



On 2008-07-02 15:37:56 -0500, "Lanwench [MVP - Exchange]"
<lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> said:

Ethon Bridges <ethonbridges@xxxxxxxxx> wrote:
The first thread was entitled "Connecting to Exchange...".

Ah. But this isn't a web forum, it's a newsgroup - so it doesn't
make any difference what you'd put in the subject line; it won't
show up right next to your "part II" unless the timestamp was
immediately prior.

It's a fresh install. Nothing has been tried because I have been
told it should work out of the box. As for what errors, well, I
guess a "page cannot be displayed" error in Explorer when trying to
access the server. When trying to connect with Outlook, it just
says "The connection to the Microsoft Exchange Server is
unavailable....".

Did you enable them both in the CEICW? Do you have the correct port
forwarding configured in your ISP's router?

SMTP: TCP 25
HTTPS: TCP 443
RWW: 4125

(for starters)

If you can access OWA via HTTPS then both should work. If you can't,
there's your problem.

So, maybe we should back up a step. During install, I don't recall
there being any option to NOT install both NIC's on the SBS server.
The installer sees them and wants to try and configure one for
internal and one for external. If I could just configure one, that
would be fantastic as we are not using anything on the LAN for SBS.

OK - disable one in the BIOS or in device manager, and rerun the
CEICW ...and I would suggest that you have the ISP disable NAT and
filtering in their device, and use your own good firewall appliance
between you & the Internet. I personally like sonicwalls.

I'm still not clear what ISA is,

http://www.microsoft.com/isaserver/default.mspx

and there wasn't any option during
installation to install or not install it, enable or not enable it.

ISA is something you'd have only if you had SBS 2003 Premium & had
manually installed it...




On 2008-07-02 10:17:17 -0500, "Lanwench [MVP - Exchange]"
<lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> said:

Ethon Bridges <ethonbridges@xxxxxxxxx> wrote:
Still can't connect to Exchange over the WAN. LAN access works
fine. To recap what was learned from previous thread on this
subject: Dual-NIC server. One configured for LAN, one for WAN. WAN
port has
no router/firewall in between and is configured with a public IP.
Public IP has a DNS entry for convenience. Access by name or IP
fails.
This is a fresh install of SBS with no configuration changes as of
yet. As stated before, we only need Exchange capability from
remote laptops. There is nothing on the LAN that will use SBS.

This really shouldn't be this hard, yet I am still fighting it.

You haven't posted any of your original (part I?) in here so I
don't know what you've tried yet, what troubleshooting steps & what
symptoms/ errors. That said, unless you use ISA you do not need two
NICs - and if you aren't using ISA you need a *good* firewall
appliance. I'm not a fan of the two NIC config in general on any
DC. Please include more info.



.

Relevant Pages

  • Re: Possible Trend SMB 3.0 CSM problem on SBS2003
    ... they went away with unchecking the firewall in CSM console. ... Les Connor [SBS Community Member - SBS MVP] ... >> the installation of the Trend Micro 3.0 CSM install may be to blame. ... Our server had just been upgraded two weeks before using the Swing ...
    (microsoft.public.windows.server.sbs)
  • Re: Connecting to Exchange Part II
    ... Name resolves with Explorer to get to OWA, server responds to pings on the name and IP. ... I have opened one port in the firewall for a remote desktop sharing program that I use and that works fine. ... This leads me to believe that something in SBS ... there being any option to NOT install both NIC's on the SBS server. ...
    (microsoft.public.windows.server.sbs)
  • Re: Feedback solicited - best way to harden a mail/web server?
    ... > consider what non-RedHat packages or applications you might have added to the ... Was the system protected by a properly configured firewall? ... if you have ever seen the configuration files it generates, ... certainly put iptables rules on it and install Tripwire. ...
    (comp.os.linux.security)
  • RE: trouble installing companyweb
    ... gone ahead and patched the server before continuing with step 13 of KB884453. ... sbs components that I could, ... install any 3rd-party software before you finish the installation. ... For the failed intranet component ...
    (microsoft.public.windows.server.sbs)
  • Re: Some services unusable after ISA installation
    ... Re-run the CEICW, choose to enable the firewall, and when you get the list ... Repeat for the others that you mention, and finish the wizard. ... Because you can't install the firewall client on the ... SBS Product Team ...
    (microsoft.public.windows.server.sbs)
Loading