How can I make a mail.companyname.com/remote entry when we have a hosting company already using the mail.companyname.com? There is no place for a /remote?
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum.
What, exactly, do you need, Rob? "A DNS entry" will just give you a dotted address for mail.companyname.com, and it sounds as if that already exists. (DNS doesn't resolve directories, just computers. [kinda-sorta])
If you just want to be able to connect to mail.companyname.com/remote, the DNS entry for mail.companyname.com should be sufficient, if you point your program to /remote.
We have the SBS and a Terminal server on the network so far. We are runninng ISA on the sbs with two network cards. Someone already set up the ISA and remote logins work from within the network going from the terminal server to the sbs. But for an external login I get the 403 - forbidden error.
I was told I needed the mail.companyname.com/remote to have a dns entry. Our mail is currently hosted by another company that also host our website and domain name. So the mail.companyname.com is already created and no place to enter anything like suggested.
If it works internall from the termminal server shouldnt it work externally too?
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum.
You're trying to get to a local directory from outside the router, and mail.companyname.com resolves from outside the network?
Have you tried forwarding the port of the computer with that directory? Its address is 192.*, 10.* or 172.* - addresses you can't get to from outside the router. You connect to mail.companyname.com/remote from outside, but the router forwards the packets to 192.x/remote. The router has to be told to forward the port (or all ports) to that computer.
Or am I telling you stuff you already know? (If you don't, http://www.portforward.com is a great resource.)
I found a couple of posts on a site where it looks like it may be a certificate issue.
Check our article again. To access it from the outside, you will need to run CEICW and create the web certificate with the address you are using from outside. You have enabled RWW in the services during CEICW, right?
'...
Have you run CEICW? What did you fill in for the webcertificate? Can you access RWW from inside the network with http://servername/remote?
'...
Yes, run CEICW in fill in the proper public IP or FQDN if your ISP created a DNS record for it.
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum.
I'm not sure exactly what client and what server you're trying to get to talk to each other, but you can't connect to the internal address of a computer that's behind a router from outside the router. The internal address doesn't exist on the outside of the router, any more than the external address (mail.companyname.com) exists inside (although a smart router knows that mail.companyname.com refers to it, so it may just turn the connection back inside without looking anything up - that's called a loopback).
As far as a certificate goes, that depends on the particular software - you don't need any certificate to access the inside of a LAN from outside its router, unless the particular software requires one.
Ok, I got a bit more understanding of whats going on.
I had to create the DNS record in the DNS control panel of the SBS. I am using remote.companyname.com. Then I added the public IP address of the router to it.
I reran the CEICW and redid the web certificate to the new remote.companyname.com.
I created a subdomain on the web host site to point to the public ip address of the router. I also added the terminal server port forwarding. RWW and HTTPS are already forwarding.
I think its still not working yet as it takes 24-48 hours for the subdomain to populate through the internet.
Hopefully this will be it.
I also did a windows update on the sbs as it hadent been done yet (new install).
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum.
SBS = Small Business Server
ISA = Internet Security Acceleration server
CEICW = Configure Email and Internet Connection Wizard
RWW = Remote Web Workspace (As shown in the thread title )
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum.
OK. So your domain is companyname.com and the subdomain you are using to access is "remote". This subdomain points to your router. The HTTPS/RWW/TS ports are forwarded to your server. Right?
Subdomains usually take about an hour max to propagate through all DNS servers, so that's not a problem. (In my experience they are usually accessible within a few seconds).
Now if you are not getting a connection I have to ask whether something is blocking incoming connections on your server. Do you have a firewall or anything set up that might do that?
If you are getting the certificate but a 403 it looks like the ports are forwarded correctly and connecting to the server but there is a permissions issue accessing the resource. Have you checked public/group permissions on whatever it is you are trying to access?
OK, ignore the certificate for the moment. I don't think it's important.
Where are you accessing it from? Bear in mind if it's a remote connection you are not going to be connecting as Administrator. You are going to be connecting as a Guest. If you block Guests completely no-one is going to be able to access it at all.
Oh that looks soooo promissing. I think that is the exact setup and same issue. I will try this out tomorrow. We had a dynamic IP from the ISP last week when we set up the server but were waiting for the static ip and new dsl service to be activated. Now its activated and I changed the IP on the router. Seems like post #5 is where he describes the ISA rule that fixed it.
It was the SBS Weblistener configuration, I had to put the Public IP in it at some point see this:
The rule: SBS RWW Web publishing Rule should look like this
General: enable
Action: allow
From: anywhere
To: publishing.yourdomainhere.local AND forward the original host header AND requests appear to came from the original client
Traffic: HTTPS
Listener: SBS Web Listener Public Name: YOUR PUBLIC IP ADDRESS
Paths: <same as internal> /ClientHelp/* AND <same as internal> /Remote/*
Bridging: Web server AND Redirect to HTTP port 80 AND Redirect to SSL port 443
Users: All Users AND forward basic authentication credencials
Schedule: Always
Link translation: replace
The rule: SBS RWW Inbound Access Rule
Should be enable
"Public Name: YOUR PUBLIC IP ADDRESS" Has not been updated to the new static ip.
I didnt get to test out making the changes like shown in the above post today but I did test it out again as I was wondering if the DNS (A) record update had populated throughout the internet yet and guess what - IT DID! W00t!!!
Its working now finally after making the (A) record for remote.companyname.com and pointing it to the public ip of the router and making a entery in the servers dns control panel for the remote.companyname.com too.
I am curious to see tomorrow what the default ISA rule shows for the ip address. Wondering if it is still the same or ?
Hopefully now I have some basic skills on ISA and SBS.
Thanks everyone for the help.
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum.
Thanks. RWW is really so freaking cool! You get a page after this one once logged on that gives you a listbox of available servers/computers that you would like to log on to.
Also, a few other links to run like Outlook Web Access.
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum.
Yes, its many more times more secure then using RDC or RDC with a VPN.
Next thing I have to do is install Office 2003 remotely but I need to call MS tomorrow as the retail copy I got only has 2 CDs while the CD case shows the "3" in the center thingy. I need to make sure its genuine before installing it.
When installing on 2003 w/ terminal server you dont need to get into Install Mode anymmore? Just let the CD run or go to Add/Remove Programs and that will throw you into install mode?
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum.
With Terminal Server 2000 you needed to be in Install Mode because that way it would install just like a workstation and not use your home path. If you werent in install mode the program might fail to run or only you would have access to it, or something like that.
But I remember reading somewhere that with 2003 its done differently.
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum.
Yes, its great. You can log on to any server or workstation or network resource that you have permissions to just as if your sitting at the server/workstation. If you want you can also enable file transfering so you can upload or download files from the server or your workstation at work.
Are you familiar with Citrix? Its similar to that with its log on to server and resources features but thats where the similarities end. You can print or run programs that are on your workstation or anything at all that you can do at your office.
"Its the same thing as being there!"
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum.
But it's all in a browser window - right? You become the remote workstation - not really running your laptop locally anymore. So for instance I could not be running ENTERPRISE MANAGER locally on my laptop and connect to the SQL instance at my remote office. I would have to RWW onto my office workstation or server and run EM in that window to see the SQL instance.
So it's not quite VPN - more like a secure remote desktop.
*** Read the sticky in the DB forum about how to get your question answered quickly!! ***
Please remember to rate posts! Rate any post you find helpful - even in old threads! Use the link to the left - "Rate this Post".
With Terminal Server 2000 you needed to be in Install Mode because that way it would install just like a workstation and not use your home path. If you werent in install mode the program might fail to run or only you would have access to it, or something like that.
But I remember reading somewhere that with 2003 its done differently.
I found this:
Originally Posted by [url]sessioncomputing.com/applications.htm[/url]
Make sure your terminal server is in Application Server Mode (Windows 2000 Server) or has the role of Terminal Server (Windows Server 2003) before installing your software (unless this server is used specifically for remote administration)
Make sure the terminal server is in "Install Mode" before installing software. This can be accomplished by initiating the install routine via "Add/Remove Programs" or by manually placing the server in "Install Mode" with the cmd prompt utlility "change user /install". After the install is complete you place the server back in "execute mode" via "change user /execute".
But it's all in a browser window - right? You become the remote workstation - not really running your laptop locally anymore. So for instance I could not be running ENTERPRISE MANAGER locally on my laptop and connect to the SQL instance at my remote office. I would have to RWW onto my office workstation or server and run EM in that window to see the SQL instance.
So it's not quite VPN - more like a secure remote desktop.
Yes, but you could map a drive possibly and setup a SQL Registration but Im not sure. You can run EM directly from your SQL SErver at work
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum.
Thanks PG. I thought I had to run it from Add/Remove but whan the cd autoran it gave me a extra dialog that said to clikc Finish when done. I thought this was exiting Install Mode but I guess not. Better to be safe then sorry. I'll try it through A/R Progs. after I call MS
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum.