Re: RWW 403 forbidden error
- From: "BobS" <PackerIntl@xxxxxxxxx>
- Date: Sat, 6 Sep 2008 15:36:28 -0600
Any thoughts on this problem?????
"SuperGumby [SBS MVP]" <not@xxxxxxxxxxx> wrote in message news:uB$45euDJHA.3396@xxxxxxxxxxxxxxxxxxxxxxx
I JUST SO WISH AV suppliers would leave my freakin network alone.
I don't use their firewall services. I don't want it installed.
"BobS" <BobS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:68C9AA51-B136-4B0A-90AA-114162AF4C9E@xxxxxxxxxxxxxxxxNo, I do not have Trend, but do have Panda Business Secure, both the
FileSecure and the ExchangeSecure modules installed.
The report "seems to" look at NetworkAdapter.DeviceID=1 thru 9 and then
says that there are three adapters which is an error and lists DeviceED=1, 8,
and 9. 8 and 9 are Panda NDIS IM Filter Miniports. I saw posts about the
Trend issue that just said they were ignored.
There is a good chance that the version of Panda I have installed at this
client is newer than any of my other clients. I will call Panda and see if
they have seen any issues with this.
In the mean time, I will appreciate any and all ideas.
--
Bob Showalter
Packer International
"SuperGumby [SBS MVP]" wrote:
got Trend on there? The Trend firewall devices confuse it.
"BobS" <BobS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:FE14F943-B4F7-4C6E-9337-073A987A63FD@xxxxxxxxxxxxxxxx
> Merv,
>
> What a great tool. How is it that I have heard about Best Practices > but
> never heard of this analyzer. Thanks,
>
> Anyway, I have not solved the problem, but I think the BPA may have
> pointed
> out the problem. One of the critical errors says that: "Three or more
> network adapter cards were detected" and that this will cause the > CEICW to
> fail.
>
> Now how do I correct this? I looked in device manager and there is > only
> one
> network adapter there. Where do I look to seek and destroy the other > 2
> adapters (that really don't exist).
>
> I exported the logs from SBS BPA, but have never had any luck trying > to
> attach a file here. Is there a way to do that or is there someplace > else
> I
> could post them. I am just now trying to put up an ftp site on my > server
> and
> I have posted them there if you can get to it: > ftp://rww.packerintl.com.
>
> Thanks; I anxiously await your instructions.
> -- > Bob Showalter
> Packer International
>
>
> "Merv Porter [SBS-MVP]" wrote:
>
>> https://mail.westernwaterandland.com/remote does not resolve te RWW
>> problem.
>> Using your WAN IP address in place also does not resolve the problem.
>>
>> OK, let's try... Install and run a scan with the SBS 2003 BPA:
>>
>> Microsoft Windows Small Business Server 2003 Best Practices Analyzer
>> http://207.46.19.190/downloads/details.aspx?familyid=3874527A-DE19-49BB-800F-352F3B6F2922&displaylang=en
>>
>> Small Business Server 2003 Best Practices Analyzer Updated
>> http://blogs.technet.com/sbs/archive/2008/02/20/small-business-server-2003-best-practices-analyzer-updated.aspx
>>
>> How to Use the Windows SBS 2003 BPA
>> http://blogs.technet.com/sbs/archive/2007/10/22/how-to-use-the-windows-sbs-2003-bpa.aspx
>>
>>
>> -- >> Merv Porter [SBS-MVP]
>> ============================
>>
>> "BobS" <BobS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:A3947259-5E40-4F6E-BB45-30EF110A997B@xxxxxxxxxxxxxxxx
>> > My how I admire perserverance; and appreciate it for something like
>> > this.
>> >
>> > Response to all 3 of your posts are here:
>> >
>> > 1. Results of ipconfig /all
>> >
>> >
>> > Windows IP Configuration
>> >
>> > Host Name . . . . . . . . . . . . : hal
>> > Primary Dns Suffix . . . . . . . : WesternWaterandLand.local
>> > Node Type . . . . . . . . . . . . : Unknown
>> > IP Routing Enabled. . . . . . . . : Yes
>> > WINS Proxy Enabled. . . . . . . . : Yes
>> > DNS Suffix Search List. . . . . . : WesternWaterandLand.local
>> >
>> > Ethernet adapter Server Local Area Connection:
>> >
>> > Connection-specific DNS Suffix . :
>> > Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
>> > Ethernet
>> > Physical Address. . . . . . . . . : 00-21-9B-F9-AD-08
>> > DHCP Enabled. . . . . . . . . . . : No
>> > IP Address. . . . . . . . . . . . : 192.168.254.2
>> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
>> > Default Gateway . . . . . . . . . : 192.168.254.1
>> > DNS Servers . . . . . . . . . . . : 192.168.254.2
>> > Primary WINS Server . . . . . . . : 192.168.254.2
>> >
>> > 2. Yes, port 4125 is forwarded to the server nic (192.168.254.2), >> > as
>> > are
>> > all of the other ports concerned with remote access of different >> > types
>> > (443,
>> > 444, 21, ...)
>> >
>> > 3. All of the settings for Directory Security for the "Remote" >> > virtual
>> > web
>> > site are exactly as you have them below.
>> >
>> > 4. I also cleared out the W3SVC1 log for the day and then tried to >> > log
>> > in
>> > to RWW. The contents of the log after the failed attempt are as
>> > follows:
>> > #Software: Microsoft Internet Information Services 6.0
>> > #Version: 1.0
>> > #Date: 2008-09-04 05:11:29
>> > #Fields: date time s-sitename s-computername s-ip cs-method >> > cs-uri-stem
>> > cs-uri-query s-port cs-username c-ip cs-version cs(User-Agent) >> > cs-host
>> > sc-status sc-substatus sc-win32-status
>> > 2008-09-04 05:11:29 W3SVC1 HAL 192.168.254.2 GET /remote - 80 -
>> > 216.52.47.231 HTTP/1.1
>> > Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.0;+SLCC1;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506;+InfoPath.2)
>> > rww.westernwaterandland.com 302 0 0
>> > 2008-09-04 05:11:35 W3SVC1 HAL 192.168.254.2 GET /remote - 80 -
>> > 216.52.47.231 HTTP/1.1
>> > Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.0;+SLCC1;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506;+InfoPath.2)
>> > rww.westernwaterandland.com 302 0 0
>> > 2008-09-04 05:11:35 W3SVC1 HAL 192.168.254.2 GET /remote - 443 -
>> > 216.52.47.231 HTTP/1.1
>> > Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.0;+SLCC1;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506;+InfoPath.2)
>> > rww.westernwaterandland.com 301 0 0
>> > 2008-09-04 05:11:35 W3SVC1 HAL 192.168.254.2 GET /remote/ - 443 -
>> > 216.52.47.231 HTTP/1.1
>> > Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.0;+SLCC1;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506;+InfoPath.2)
>> > rww.westernwaterandland.com 403 14 5
>> >
>> > 5. On your other post for the settings for Default Website and >> > Remote
>> > Virtual Website Directory Security; what I have is exactly as you >> > have
>> > it
>> > specified.
>> >
>> > Thanks again for your perserverance.
>> >
>> > -- >> > Bob Showalter
>> > Packer International
>> >
>> >
>> > "Merv Porter [SBS-MVP]" wrote:
>> >
>> >> And here's a list of all settings for the properties of the >> >> "Remote"
>> >> virtual
>> >> web site under the Default Web site in IIS...
>> >>
>> >> For RWW:
>> >>
>> >> 1. Open IIS snap-in.
>> >> 2. Go to Default Web Site/Remote.
>> >> 3. Right click Remote and click Properties.
>> >> 4. Click Directory Security tab.
>> >> 5. Click Edit under "Authentication and access control".
>> >> 6. Make sure that only the "Enable anonymous access" and >> >> "Integrated
>> >> Windows Authentication" have been checked.
>> >> 7. Click Edit under "IP address and domain name restriction".
>> >> 8. Make sure that "Granted access" has been selected.
>> >> 9. Click Edit under "Secure communications".
>> >> 10. Make sure that "Require secure channel (SSL)" and "Require >> >> 128-bit
>> >> encryption" have been checked.
>> >>
>> >>
>> >> -- >> >> Merv Porter [SBS-MVP]
>> >> ============================
>> >>
>> >> "Merv Porter [SBS-MVP]" <mwport@xxxxxxxxxxxxxxxxxxx> wrote in >> >> message
>> >> news:OU27$KhDJHA.1184@xxxxxxxxxxxxxxxxxxxxxxx
>> >> > Is port 4125 corrected forwarded in the router to the IP address >> >> > of
>> >> > the
>> >> > SBS NIC?
>> >> >
>> >> > -- >> >> > Merv Porter [SBS-MVP]
>> >> > ============================
>> >> >
>> >> > "BobS" <BobS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> >> > news:6B023657-EAF6-4E91-9C1F-182E999B4CCD@xxxxxxxxxxxxxxxx
>> >> >> Thanks Merv,
>> >> >>
>> >> >> Those are the settings I have. It is a single NIC system.
>> >> >> -- >> >> >> Bob Showalter
>> >> >> Packer International
>> >> >>
>> >> >>
>> >> >> "Merv Porter [SBS-MVP]" wrote:
>> >> >>
>> >> >>> Directory Security settings... (on a two NIC system, if that
>> >> >>> matters)
>> >> >>>
>> >> >>> IIS | <yourserver> | Web Sites | Default Web Site | Properties >> >> >>> |
>> >> >>> Directory
>> >> >>> Security | IP Address and Domain Name Restrictions | Edit...
>> >> >>>
>> >> >>> Settings should be Denied Access;
>> >> >>> Except the Following: Granted 192.168.16.2 >> >> >>> (255.255.255.0)
>> >> >>> Except the Following: Granted 127.0.0.1
>> >> >>>
>> >> >>> IIS | <yourserver> | Web Sites | Default Web Site | Remote|
>> >> >>> Properties |
>> >> >>> Directory Security | IP Address and Domain Name Restrictions |
>> >> >>> Edit...
>> >> >>>
>> >> >>> Granted Access
>> >> >>>
>> >> >>> -- >> >> >>> Merv Porter [SBS-MVP]
>> >> >>> ============================
>> >> >>>
>> >> >>> "BobS" <BobS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> >> >>> news:350FE9EE-EC90-4F57-87AB-45BE4B72CB2B@xxxxxxxxxxxxxxxx
>> >> >>> > Merv, thanks for continuing to try. No luck yet. Here is >> >> >>> > what
>> >> >>> > I
>> >> >>> > did
>> >> >>> > with
>> >> >>> > your last set of suggestions:
>> >> >>> > 1. I reran CEICW removing RWW (and all other website >> >> >>> > services,
>> >> >>> > OWA
>> >> >>> > and
>> >> >>> > SharePoint). Rebooted. Ran it again enabling those 3
>> >> >>> > sdervices.
>> >> >>> > Rebooted.
>> >> >>> > It made no difference. You mentioned enabling the firewall, >> >> >>> > but
>> >> >>> > with
>> >> >>> > only
>> >> >>> > one NIC, firewal is external. However, when it rebuilt, in
>> >> >>> > going
>> >> >>> > through
>> >> >>> > the
>> >> >>> > steps, when it came to "Configuring the firewall" it said >> >> >>> > that
>> >> >>> > it
>> >> >>> > failed,
>> >> >>> > even though it gave the normal warning that with only one >> >> >>> > NIC it
>> >> >>> > could
>> >> >>> > not
>> >> >>> > install a firewall. I ran it a second time and it did not >> >> >>> > give
>> >> >>> > that
>> >> >>> > warning
>> >> >>> > and went right past the firewall stage with a green check.
>> >> >>> > Still
>> >> >>> > though
>> >> >>> > no
>> >> >>> > access through RWW.
>> >> >>> >
>> >> >>> > 2. Checked Issue 6 of the referenced BLOG which seemed to >> >> >>> > be a
>> >> >>> > lesser
>> >> >>> > reiteration of step one above so didn't try it again.
>> >> >>> >
>> >> >>> > 3. The RWW virtual directory seems to be installed under >> >> >>> > the
>> >> >>> > default
>> >> >>> > website in ISS Mgr if it is the one called "Remote" (we are
>> >> >>> > getting
>> >> >>> > dangerously close to the limits of my knowledge here). I
>> >> >>> > couldn't
>> >> >>> > say
>> >> >>> > if
>> >> >>> > it
>> >> >>> > is all in tact. What I did check was that if I looked at >> >> >>> > the
>> >> >>> > Directory
>> >> >>> > Security and it is set to Grant Access to all IP's. I did >> >> >>> > take
>> >> >>> > notice
>> >> >>> > that
>> >> >>> > during step one above, that security changed to deny all >> >> >>> > except
>> >> >>> > the
>> >> >>> > server
>> >> >>> > IP. When I wen back to enabling RWW it changed to Grant >> >> >>> > Access.
>> >> >>> >
>> >> >>> > 4. Using https://.... makes no difference.
>> >> >>> >
>> >> >>> > 5. Not really sure where to check the binding of the NICs. >> >> >>> > I
>> >> >>> > remember
>> >> >>> > that
>> >> >>> > from NT, but haven't had the need to look at it since.
>> >> >>> >
>> >> >>> > I will give one other piece of history on the issue. When >> >> >>> > the
>> >> >>> > problem
>> >> >>> > was
>> >> >>> > first brought to my attention a few days after the migration >> >> >>> > was
>> >> >>> > "complete",
>> >> >>> > I spent several days trying things. I managed to get the >> >> >>> > server
>> >> >>> > to
>> >> >>> > the
>> >> >>> > point
>> >> >>> > that the network did not work at all, and people could not >> >> >>> > log
>> >> >>> > on
>> >> >>> > or
>> >> >>> > connect
>> >> >>> > to shared drives. I could not seem to get things back to
>> >> >>> > working,
>> >> >>> > so
>> >> >>> > put
>> >> >>> > in
>> >> >>> > the SBS DVD, and either reinstalled all features except
>> >> >>> > Excfthange
>> >> >>> > (or
>> >> >>> > uninstalled and installed, I can't remember which). After >> >> >>> > that,
>> >> >>> > I
>> >> >>> > was
>> >> >>> > back
>> >> >>> > to the place I am now with everything working on the system
>> >> >>> > except
>> >> >>> > RWW.
>> >> >>> >
.
- References:
- Re: RWW 403 forbidden error
- From: BobS
- Re: RWW 403 forbidden error
- From: Merv Porter [SBS-MVP]
- Re: RWW 403 forbidden error
- From: Merv Porter [SBS-MVP]
- Re: RWW 403 forbidden error
- From: Merv Porter [SBS-MVP]
- Re: RWW 403 forbidden error
- From: BobS
- Re: RWW 403 forbidden error
- From: Merv Porter [SBS-MVP]
- Re: RWW 403 forbidden error
- From: BobS
- Re: RWW 403 forbidden error
- From: SuperGumby [SBS MVP]
- Re: RWW 403 forbidden error
- From: BobS
- Re: RWW 403 forbidden error
- From: SuperGumby [SBS MVP]
- Re: RWW 403 forbidden error
- Prev by Date: Re: Pop3 on Exchange and RWW
- Next by Date: Re: Configuring ISA access rule for ESET NOD 32
- Previous by thread: Re: RWW 403 forbidden error
- Next by thread: Re: RWW 403 forbidden error
- Index(es):
Relevant Pages
|
Loading
