locked
Homeserver and SBS2008 SSL issues how to redirect ports RRS feed

  • Question

  • Installed a Home server on the same network as an SBS 2008 domain. when I
    enable external access to the homeserver it grabs the SSL traffic.  This
    breaks OWA, mobile phones etc.  What can I do to have the two of them coexist
    and still be able to use the home server for remote access.

    My assumption is that I need to edit properties of the home server to have
    it listen on a different port than 443 for SSL traffic.
    I have added ports on the WHS firewall to allow traffic.  I've modifed IIS
    to listen on the new ports.  Restarted the server after all of that to no
    avail. I'm presuming I  need a registry entry to change the way this
    functions.

    Where do I go from here.

    thanks

    The Mirazon Group
    Friday, September 4, 2009 7:20 PM

All replies

  • In a SBS environment, there's no need for the Windows Home Server remote access features (SBS already does that). Just turn it off and use Windows Home Server for  the backup capabilities.
    I'm not on the WHS team, I just post a lot. :)
    • Proposed as answer by The LMP Brand Wednesday, February 1, 2012 5:33 AM
    • Unproposed as answer by The LMP Brand Wednesday, February 1, 2012 5:33 AM
    Friday, September 4, 2009 8:38 PM
    Moderator
  • Thanks for the response, but that is not really an answer.  I do use SBS and I use remote access.  I have other users on the local network that are not part of the SBS domain.  but need the remote access capability. They share the internet connection but not the server data.  Hence the need for remote access for those users.

    thanks


    The Mirazon Group
    Friday, September 4, 2009 10:08 PM
  • Your best bet is going to be to set up a reverse proxy server and set that to forward traffic appropriately. Your router is probably not capable of dealing with this, and changing the ports that IIS uses on your home server is unsupported and not reliable.

    Why not move everyone to the SBS domain? It would be a cleaner and more reliable solution in the long run...
    I'm not on the WHS team, I just post a lot. :)
    Saturday, September 5, 2009 2:11 PM
    Moderator
  • Hi Ken,

    Several reasons.  This is a separate network on the same physical wiring. Two companies.  They share Internet access
    First company is SBS08, using email, Sharepoint and group policies and more.

    Second company has no desire for in house email or sharepoint or the need for AD.  They simply want to do file sharing and be able to access their files remotely and backup their files and laptops.

    SBS install cost for 5 users counting server, licenses, setup time and labor, about $5,000
    WHS install cost for 5 users, counting server, licenses, setup time and labor, about around $1500



    thanks
    Michael

    Michael Patrick,  Engineering Coordinator 
    MCITP-ENTERPRISE, MCSE-2003,  MCT, MCSA-M, MCDST, Microsoft Small Business Specialist



    The Mirazon Group
    Saturday, September 5, 2009 6:50 PM
  • <sigh>

    You're looking for your solution in the wrong place. Your router is unable to deal with the requirements of your network configuration. You have two servers, both of which want to use the same TCP/IP ports for (really) the same services. The second company needs a separate network, and a separate internet connection. That's really the right answer. They are creating support headaches that will cost them far more in the long run...

    You could look into whether you can find a router (business class; no consumer router does what you need) capable of also supplying reverse proxy functionality, but I suspect that will cost as much as the home server, and will probably be a separate source of headaches. Or there's ISA or Forefront on it's own server, at a nice price increment. Or Linux; how do you feel about open source?

    As for tweaking Windows Home Server, there's no support for the change you're looking for in the product. It's possible that you could modify the Windows Home Server computer to move SSL to a different port. If you do, though, you'll break some of the built-in diagnostic functionality, and there's no guarantee that the next update to Windows Home Server won't set everything back to the default configuration.
    I'm not on the WHS team, I just post a lot. :)
    Sunday, September 6, 2009 4:37 AM
    Moderator
  • Ken,

    You are incorrect.  You can have access to both remote sites.  I will caveat that statement with the fact that I am using Home server 2003 and SBS 2011 on my network.  Thus, I am not sure if Home server 2008/2011 works.  But I assume has the same premise and can be done.

    Mike,

    Feel free to inbox me with questions.  happy to help you get it working.  matthew@thelmpbrand.com.

    Wednesday, February 1, 2012 6:31 AM