Re: RWW 403 forbidden error

I JUST SO WISH AV suppliers would leave my freakin network alone.

I don't use their firewall services. I don't want it installed.

"BobS" <BobS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:68C9AA51-B136-4B0A-90AA-114162AF4C9E@xxxxxxxxxxxxxxxx
No, I do not have Trend, but do have Panda Business Secure, both the
FileSecure and the ExchangeSecure modules installed.

The report "seems to" look at NetworkAdapter.DeviceID=1 thru 9 and then
says that there are three adapters which is an error and lists DeviceED=1,
8,
and 9. 8 and 9 are Panda NDIS IM Filter Miniports. I saw posts about the
Trend issue that just said they were ignored.

There is a good chance that the version of Panda I have installed at this
client is newer than any of my other clients. I will call Panda and see
if
they have seen any issues with this.

In the mean time, I will appreciate any and all ideas.

--
Bob Showalter
Packer International


"SuperGumby [SBS MVP]" wrote:

got Trend on there? The Trend firewall devices confuse it.

"BobS" <BobS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:FE14F943-B4F7-4C6E-9337-073A987A63FD@xxxxxxxxxxxxxxxx
Merv,

What a great tool. How is it that I have heard about Best Practices
but
never heard of this analyzer. Thanks,

Anyway, I have not solved the problem, but I think the BPA may have
pointed
out the problem. One of the critical errors says that: "Three or more
network adapter cards were detected" and that this will cause the CEICW
to
fail.

Now how do I correct this? I looked in device manager and there is
only
one
network adapter there. Where do I look to seek and destroy the other 2
adapters (that really don't exist).

I exported the logs from SBS BPA, but have never had any luck trying to
attach a file here. Is there a way to do that or is there someplace
else
I
could post them. I am just now trying to put up an ftp site on my
server
and
I have posted them there if you can get to it:
ftp://rww.packerintl.com.

Thanks; I anxiously await your instructions.
--
Bob Showalter
Packer International


"Merv Porter [SBS-MVP]" wrote:

https://mail.westernwaterandland.com/remote does not resolve te RWW
problem.
Using your WAN IP address in place also does not resolve the problem.

OK, let's try... Install and run a scan with the SBS 2003 BPA:

Microsoft Windows Small Business Server 2003 Best Practices Analyzer
http://207.46.19.190/downloads/details.aspx?familyid=3874527A-DE19-49BB-800F-352F3B6F2922&displaylang=en

Small Business Server 2003 Best Practices Analyzer Updated
http://blogs.technet.com/sbs/archive/2008/02/20/small-business-server-2003-best-practices-analyzer-updated.aspx

How to Use the Windows SBS 2003 BPA
http://blogs.technet.com/sbs/archive/2007/10/22/how-to-use-the-windows-sbs-2003-bpa.aspx


--
Merv Porter [SBS-MVP]
============================

"BobS" <BobS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A3947259-5E40-4F6E-BB45-30EF110A997B@xxxxxxxxxxxxxxxx
My how I admire perserverance; and appreciate it for something like
this.

Response to all 3 of your posts are here:

1. Results of ipconfig /all


Windows IP Configuration

Host Name . . . . . . . . . . . . : hal
Primary Dns Suffix . . . . . . . : WesternWaterandLand.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : WesternWaterandLand.local

Ethernet adapter Server Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
Ethernet
Physical Address. . . . . . . . . : 00-21-9B-F9-AD-08
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.254.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.254.1
DNS Servers . . . . . . . . . . . : 192.168.254.2
Primary WINS Server . . . . . . . : 192.168.254.2

2. Yes, port 4125 is forwarded to the server nic (192.168.254.2),
as
are
all of the other ports concerned with remote access of different
types
(443,
444, 21, ...)

3. All of the settings for Directory Security for the "Remote"
virtual
web
site are exactly as you have them below.

4. I also cleared out the W3SVC1 log for the day and then tried to
log
in
to RWW. The contents of the log after the failed attempt are as
follows:
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2008-09-04 05:11:29
#Fields: date time s-sitename s-computername s-ip cs-method
cs-uri-stem
cs-uri-query s-port cs-username c-ip cs-version cs(User-Agent)
cs-host
sc-status sc-substatus sc-win32-status
2008-09-04 05:11:29 W3SVC1 HAL 192.168.254.2 GET /remote - 80 -
216.52.47.231 HTTP/1.1
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.0;+SLCC1;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506;+InfoPath.2)
rww.westernwaterandland.com 302 0 0
2008-09-04 05:11:35 W3SVC1 HAL 192.168.254.2 GET /remote - 80 -
216.52.47.231 HTTP/1.1
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.0;+SLCC1;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506;+InfoPath.2)
rww.westernwaterandland.com 302 0 0
2008-09-04 05:11:35 W3SVC1 HAL 192.168.254.2 GET /remote - 443 -
216.52.47.231 HTTP/1.1
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.0;+SLCC1;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506;+InfoPath.2)
rww.westernwaterandland.com 301 0 0
2008-09-04 05:11:35 W3SVC1 HAL 192.168.254.2 GET /remote/ - 443 -
216.52.47.231 HTTP/1.1
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.0;+SLCC1;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506;+InfoPath.2)
rww.westernwaterandland.com 403 14 5

5. On your other post for the settings for Default Website and
Remote
Virtual Website Directory Security; what I have is exactly as you
have
it
specified.

Thanks again for your perserverance.

--
Bob Showalter
Packer International


"Merv Porter [SBS-MVP]" wrote:

And here's a list of all settings for the properties of the
"Remote"
virtual
web site under the Default Web site in IIS...

For RWW:

1. Open IIS snap-in.
2. Go to Default Web Site/Remote.
3. Right click Remote and click Properties.
4. Click Directory Security tab.
5. Click Edit under "Authentication and access control".
6. Make sure that only the "Enable anonymous access" and
"Integrated
Windows Authentication" have been checked.
7. Click Edit under "IP address and domain name restriction".
8. Make sure that "Granted access" has been selected.
9. Click Edit under "Secure communications".
10. Make sure that "Require secure channel (SSL)" and "Require
128-bit
encryption" have been checked.


--
Merv Porter [SBS-MVP]
============================

"Merv Porter [SBS-MVP]" <mwport@xxxxxxxxxxxxxxxxxxx> wrote in
message
news:OU27$KhDJHA.1184@xxxxxxxxxxxxxxxxxxxxxxx
Is port 4125 corrected forwarded in the router to the IP address
of
the
SBS NIC?

--
Merv Porter [SBS-MVP]
============================

"BobS" <BobS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6B023657-EAF6-4E91-9C1F-182E999B4CCD@xxxxxxxxxxxxxxxx
Thanks Merv,

Those are the settings I have. It is a single NIC system.
--
Bob Showalter
Packer International


"Merv Porter [SBS-MVP]" wrote:

Directory Security settings... (on a two NIC system, if that
matters)

IIS | <yourserver> | Web Sites | Default Web Site | Properties
|
Directory
Security | IP Address and Domain Name Restrictions | Edit...

Settings should be Denied Access;
Except the Following: Granted 192.168.16.2 (255.255.255.0)
Except the Following: Granted 127.0.0.1

IIS | <yourserver> | Web Sites | Default Web Site | Remote|
Properties |
Directory Security | IP Address and Domain Name Restrictions |
Edit...

Granted Access

--
Merv Porter [SBS-MVP]
============================

"BobS" <BobS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:350FE9EE-EC90-4F57-87AB-45BE4B72CB2B@xxxxxxxxxxxxxxxx
Merv, thanks for continuing to try. No luck yet. Here is
what
I
did
with
your last set of suggestions:
1. I reran CEICW removing RWW (and all other website
services,
OWA
and
SharePoint). Rebooted. Ran it again enabling those 3
sdervices.
Rebooted.
It made no difference. You mentioned enabling the firewall,
but
with
only
one NIC, firewal is external. However, when it rebuilt, in
going
through
the
steps, when it came to "Configuring the firewall" it said
that
it
failed,
even though it gave the normal warning that with only one NIC
it
could
not
install a firewall. I ran it a second time and it did not
give
that
warning
and went right past the firewall stage with a green check.
Still
though
no
access through RWW.

2. Checked Issue 6 of the referenced BLOG which seemed to be
a
lesser
reiteration of step one above so didn't try it again.

3. The RWW virtual directory seems to be installed under the
default
website in ISS Mgr if it is the one called "Remote" (we are
getting
dangerously close to the limits of my knowledge here). I
couldn't
say
if
it
is all in tact. What I did check was that if I looked at the
Directory
Security and it is set to Grant Access to all IP's. I did
take
notice
that
during step one above, that security changed to deny all
except
the
server
IP. When I wen back to enabling RWW it changed to Grant
Access.

4. Using https://.... makes no difference.

5. Not really sure where to check the binding of the NICs.
I
remember
that
from NT, but haven't had the need to look at it since.

I will give one other piece of history on the issue. When
the
problem
was
first brought to my attention a few days after the migration
was
"complete",
I spent several days trying things. I managed to get the
server
to
the
point
that the network did not work at all, and people could not
log
on
or
connect
to shared drives. I could not seem to get things back to
working,
so
put
in
the SBS DVD, and either reinstalled all features except
Excfthange
(or
uninstalled and installed, I can't remember which). After
that,
I
was
back
to the place I am now with everything working on the system
except
RWW.



.

Relevant Pages

  • Re: need help re. office network install
    ... > and their network is a mess, the result of years of neglect. ... they have a gateway server w/ no special ... > firewall rules on it, they have a large DMZ that serves no purpose ... install anymore software on the firewall machine than is absolutely ...
    (comp.os.linux.networking)
  • Re: [fw-wiz] Layer 2 (stealth) firewalls - PBR?
    ... Does running a stealth firewall remove the need for PBR? ... determines traffic flow between them based on destination MACs... ... and both of them are on the same IP network and go to ... But, through laborious insanity, you manage to install whatever ...
    (Firewall-Wizards)
  • Re: XP Update kills network
    ... There's no firewall Enabled? ... The updates by themselves are not killing the network, rather, the issue is occurring in conjunction with an outdated NSW and the attempt to update. ... you can set Automatic Updates to " Download updates for me but let me choose when to install them " to avoid the reinstallation of the problematic update ... ...
    (microsoft.public.windowsupdate)
  • Re: Can anyone tell me how this trojan horse program got thru my
    ... >Go there, downalod, install, update and scan ur system for trojans. ... >download of the program that allows you to disable it. ... >Want a good firewall that is really simple to operate and incredibly ... >would-be intruders are prevented from viewing and accessing your network. ...
    (comp.security.firewalls)
  • Re: Service Pack 1 & 2
    ... but enable to install because of service pack 2. ... >> I recently reinstalled Windows XP home on a new hard disk because the ... >> I tried to install service pack 1 but was rejected from doing so. ... > Why you should use a computer firewall.. ...
    (microsoft.public.windowsupdate)
Quantcast