locked
Issues with uPNP ... RRS feed

  • Question

  • Yall
     
    Strange things are happening at my setup.

    Machines are as follows:

    HP : WHS on 10.10.1.30 (not on domain anymore ...)
    Dell: SBS R2 (NIC1: 192.168.1.10 - NIC2: 10.10.1.1.)
    Router: BEFSX41
    Modem: Westell 6100 on a DSL Verizon line

    SBS has firewall off and VPN off. All firewall is at router and VPN is set for tunnel 1 at router.

    When I run the config for the https://myfoobar.homeserver.com I get two errors (no remote access and no internet access.) but that seems contradictory to the settings at the router since uPNP is set.

    SBS sees the uPNP and correctly sets the NAT from NIC2 to NIC1.

    Even from within the Dell server I cannot resolve the https://myfoobar.homeserver.com ... I can resolve http://companyweb w/o issues though ...

    Any help is appreciated!!!

    The goal is to have my users acess the https address from a remote location as well as allow for sharepoint access from the remote location.

    My bests,
    AR
    Cheers
    Monday, September 8, 2008 9:36 PM

Answers

  • I sort of hate to say this, but this isn't the place to discuss the configuration of Small Business Server. Probably this will be a better place to start your search for assistance.

    In general, though, I would say take SBS out of the direct path between the inside of your network and the outside, as a place to start. If taking SBS out of the equation allows WHS to work, then you've really got your answer right there.

    I'm not on the WHS team, I just post a lot. :)
    • Marked as answer by ARosenthal Tuesday, September 9, 2008 5:39 PM
    • Unmarked as answer by ARosenthal Tuesday, September 9, 2008 5:39 PM
    • Marked as answer by Lara JonesModerator Monday, October 27, 2008 4:07 PM
    Tuesday, September 9, 2008 5:35 PM
    Moderator

All replies

  • Wow, sounds like a test question. First, can you run ipconfig all on the WHS box and see what it does see, and then see if you can ping the SBS. May get some definition started.

    Ben

    Ben Ogilvie
    Monday, September 8, 2008 11:21 PM
  • Ipconfigs work fine .. all servers are capable of seeing the internet .. the local dns server is at the dell server (10.10.1.1) and resolves all w/o issue.

    The problem is not wrt the local ips but with outside looking in ..

    AR
    Cheers
    Monday, September 8, 2008 11:32 PM
  • Router shows Ports 80 (HTTP), 443 (HTTPS) and 4125 (RDP) are all forwarded to the WHS IP?
    This will be an issue if you wish to use those same ports on SBS.
    FYI: Ports used on SBS

    Your ISP is not blocking any Ports?  It is easy to test this by either connecting to one of the online sites that tests your ports like www.canyouseeme.org or Telnet in from an outside location.

    I assume that 10.10.1.x is the outside on your SBS (router side), while 192.168.1.x is the inside (LAN side).

    If you place the WHS on the inside of the network, you will have to go into Routing and Remote Access and forward the appropriate ports to WHS.

    • Edited by MrDRGreen Tuesday, September 9, 2008 12:24 AM more...
    Tuesday, September 9, 2008 12:07 AM
  • There would be an issue for sure if I open SBS to the outside, which I am not planning on doing.

    I will use dyndns to get to SBS from outside (that is, to sharepoint, and OWA.) This is the plan:

    HQ:
    Uses a DSL modem + BESFX41 + Wifi on separate unit
    No servers at HQ

    Branch:
    WHS on 10.10.1.Y
    SBS on 10.10.1.X with DHCP for LAN; wifi AP with 10.10.1.Z/Z+n for wifi's
    Westell modem+BESFX41
    Dyndns + MX record pointing to 10.10.1.X

    Goal:

    Route https://myfoobar.homeserver.com to WHS

    Route http://myfoobar.foobar.com to SBS's sharepoint

    Route MX record to Exchange at SBS

    I have turned off VPN and firewall at SBS to avoid colliding with Linksys' ...

    Some partial results:

    1) I can access the homeserver.com from within the lan at SBS ... I can ping it from my home but the request times out (it does resolve the correct IP though ...)
    2) pinging the dyndns.org suffix also resolves the IP but again it times out ..


    Any idea guys??

    AR
    Cheers
    Tuesday, September 9, 2008 4:24 AM
  • I still don't completely follow what you are doing...
    First, is this SBS Standard or ISA?
    Why have you changed from the default Intranet IP ranges, which is 192.168.16.x for SBS and commonly 192.168.1.x for routers.  You are best off leaving these at the defaults.
    SBS by default will be 192.168.16.2 with DHCP starting at .10 on the Intranet adapter side.  The SBS Internet adapter connected to your router can simply be set to dynamic and retrieve a reserved IP from the router, or it can be set to a static IP within the router's subnet.
    Did you use the console wizards to change your default SBS intranet IP subnet?  You cannot simply change the SBS adapter IP in the Networking properties dialog, doing so will totally mess up SBS.
    The Configure EIC Wizard MSKB is here, and additional info can be found at isaserver (which a lot of info there is also relevant for SBS Standard).  I assume that you are using the two adapter setup, there is no reason to disable the SBS firewall, etc.
    If both the SBS and WHS are on the same network, you will have issues with ports 80, 443, etc.,
    WHS will complain if you attempt to register at homeserver.com unless ports 80, 443 and 4125 are routed to WHS.  This will make it difficult to get to SBS unless you are willing to change port numbers for where you are routing to on SBS.  SBS defaults to HTTP, OWA and RWW at these same ports.
    I don't follow your statement on "Dyndns + MX pointing to 10.10.1.x", your MX record at Dyndns must be to your outside dynamic IP from your service provider, not your Intranet server IP.  If you have a dynamic IP, most ISP's require business accounts to prevent port-blocking.  If you are using Dyndns you will also have to use their tool installed onto your server so that it updates their DNS records whenever your outside dynamic IP from your ISP changes.

    Tuesday, September 9, 2008 6:20 AM
  • Answering ...

    1) Standard R2

    2) I changed the IPs since I have done the same thing 1000 times at other SBSs without a problem. This is the first time I have WHS with it though.

    3)  Tks for the KB

    4) MX do not point to IP, they point to FQ, which in the mail.foobar.com in my case. That is what Dyndns shows .. I questioned what goes at the DNS settings at my SBS (an A record + MX ??)

    5) I disable SBS firewall since I have it on the router - I do not care for both, either one would do it ... I chose the router since it blocks for WHS as well as any other visible nodes

    AR


    Cheers
    Tuesday, September 9, 2008 5:04 PM
  • I sort of hate to say this, but this isn't the place to discuss the configuration of Small Business Server. Probably this will be a better place to start your search for assistance.

    In general, though, I would say take SBS out of the direct path between the inside of your network and the outside, as a place to start. If taking SBS out of the equation allows WHS to work, then you've really got your answer right there.

    I'm not on the WHS team, I just post a lot. :)
    • Marked as answer by ARosenthal Tuesday, September 9, 2008 5:39 PM
    • Unmarked as answer by ARosenthal Tuesday, September 9, 2008 5:39 PM
    • Marked as answer by Lara JonesModerator Monday, October 27, 2008 4:07 PM
    Tuesday, September 9, 2008 5:35 PM
    Moderator
  • Funny you mentioned that. I did exactly that: I have 2 NICs on my WHS, and tested with NIC1 (the inner network) off and NIC2, a fixed IP on a DMZ port at the linksys, on. Now both nics are ON with 1 on a 10.10.1.30 and the other on 192.168.1.15 DMZ into linksys (which also has its DMZ setttings to this IP..) : Would it not open ALL ports then??? So how come the ping times out???

    Still I cannot get through WHS from outside, and pinging it resolves, but times out ..

      WESTELL 6100 <-> BESFX41 --> DMZ TO 192.1681.1.15 ---> WHS
    (in bridged mode)      router           4th port is DMZ                    HP server NIC 2 (NIC 1 is dissable for this test ..)


    Hence I am posting this issue here. It must be something in. ref. to how WHS sets the ports of the BEFSX41 via uPNP that is messing things up. When I run the wizard, it configures all OK but gives an error on the second line of the config (though all the rest gets a check mark!!!) .. no more info is provided about the issue (only that the router has an error ...) ?@%$@

    Right now, both Nics are on ... I know this in not supported on WHS from previous posts.

    AR 
    Cheers
    Tuesday, September 9, 2008 5:49 PM