Remote Connection To Sbs Network

[dgsmith]

Hi All,

Before you start thinking I'm thick, I am not talking about SBS2003 Remote Workplace or Remote Exchange Access.

What I am talking about is a client laptop registered on the domain, but sitting at home on a broadband connection.

During the "adding client computers to the domain" process one of the things installed was Connection Manager, which adds Dial-Up connection of sorts, which is called "Connect to Small Business Server 2003"

http://orion05.com/hosted/screen1.bmp

Once connected I am given an IP address, but I still can't get access to my server for shared files, or email access.

I hope u guys understand what I mean, and can suggest things to check / try.

Thanks

David

[valter]

can you ping your server? can you ping other hosts on the network?

[dgsmith]

I can ping the server by its Public IP Address or mail.domain.com, but I can't ping its local address of 192.168.0.10 or the FQDN (server01.hq.domainname.com, but is that because the machine I am using is connected to my own home network which uses the same internal IP Range of 192.168.0.x?

I am on a different PC at the moment, once I get back on the laptop I will get a screenshot of the ipconfig before and after connecting using the dial-up connector.

[dgsmith]

Before Connection to SBS 2003

C:\Documents and Settings\dgsmith>ipconfig

Windows IP Configuration

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . :

IP Address. . . . . . . . . . . . : 192.168.0.2

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

After connecting to SBS2003

C:\Documents and Settings\dgsmith>ipconfig

Windows IP Configuration

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . :

IP Address. . . . . . . . . . . . : 192.168.0.2

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

PPP adapter Connect to Small Business Server:

Connection-specific DNS Suffix . : hq.trusol.com

IP Address. . . . . . . . . . . . : *.*.*.*

Subnet Mask . . . . . . . . . . . : 255.255.255.255

Default Gateway . . . . . . . . . : *.*.*.*

Sorry I have removed the IP and GW because they are the public IP address of my own local router here. Now why is that address being issues? Basically all the connection is doing is taking me out of my home network and putting me directly on my ISP, as if by-passing the Router.??? Weird? Have I done something wrong?

Is it because the server does not exist in the www? Only on the inside of the office?

ie. FQDN is server01.hq.trusol.com but that is only accessible from inside the network. I have a sub-domain for mail.domain.com but can I have a DNS entry just for the server in the public environment?

This is giving me a headache :-(

[At0mic]

Thats kind of strange to only get the external address like that. Then again, I've never connected in that way. Why cant you just set up a normal VPN connection? Thats what I do if I have to carry out maintenance on the network at work.

By the way, your screen shot is so anoying at 1.37Mb. Couldn't you convert to JPG?

[Marsden]

How about Port Forwarding on the router? You have to forward port 3389 from the public IP address to your internal private Ip address.

If you want to use all the SBS remote features you will want to forward ports 443-444, 1720-1723, 3389 to your server's private IP address.

To use OWA (Outlook Web Access) you type in your public IP address like

https://xxx.xx.xxx.xxx/exchange or https://xxx.xx.xxx.xxx/remote

[dgsmith]

At0mic - Sorry I did it from the company machine and it had no image rending software on there - I will change it ;-)

How do I setup a normal VPN? Sorry to sound stupid.

Marsden - I have all the port forwarding setup, and I can remote control the server, and PC's in the office and use the OWA that you have linked.

BUT what I want is for an engineer who is not based in the office (based at home) to be able to connect as if he was in the office. be able to use his PC and open My Computer goto shared drive, open shared files. Run Outlook client and access his mail.

[Marsden]

So what part or parts or Remote Desktop can't do what you just specified? RDP is encrypted and secure.

[valter]

Connection-specific DNS Suffix . : hq.trusol.com

IP Address. . . . . . . . . . . . : *.*.*.*

Subnet Mask . . . . . . . . . . . : 255.255.255.255

Default Gateway . . . . . . . . . : *.*.*.*

Subnet mask here is 255.255.255.255, and what class IP address do you use here? In other words, subnet mask is wrong.

Regarding "remote engineer", just set him up with Remote Desktop Client or Terminal Services Web Clinet, that should do the job ... connecting over VPN can be pain in the neck ...

[dgsmith]

Sorry guys, I appreciate your feedback, but my client has expressed in detail that the remote desktop is fine for now, but what happens when there is no desktop to control? He is going to have a large number of engineers out in the field accessing the internet via customer sites. They need to be able to open there laptop, run a connection (be it vpn or what) and continue business as usual. Check there outlook client, check there diary, access files on there shared drive.

I appreciate that remote desktop allows that, but only if there is a machine in the office not being used, which there is not. OWA is fine for accessing email & calander, but there is no way to access shared files, which was the main reason for having the server.

Sorry if I have maybe mis-communicated what I was after, I hope this clarify's what I need, maybe there is someone out there who knows what kind of solution I need to implament?

Thanks again.

Dave

[Marsden]

It's called Remote Workspace...

[valter]

Again remote desktop connection has nothing to do with machine not being used ... RDC is used with Terminal Server ... an yes you can access shared filed or anything else mapped in your logon script ...

[dgsmith]

Ah OK, maybe I have the wrong end of the stick.

Can you guys explain to me how these options work then? Then I can test them myself from the cleints laptop (which I now have to test from my house)

Thanks

Dave

[valter]

You have to install Terminal Services on the server (click Start - Control Panel - Add/Remove Programs - Add/Remove Windows Components) and then on the list select Terminal Services ... (note that you have 120 days to purchase CALs for TS)

Now you can setup either Terminal Serices Web Client on the server or your engineers can use Remote Desktop Connection client to connect to Terminal server.

Don't forget to configure options for temrinal server like session lenght and other options ... once user logs on, same logon script is executed as the user was in the office .. so he can access shared files ...

Using web client you can configure web client to ask user if they want to connect local printers and hard drives to the session ... same can be configured on the remote desktop connection client ...

[dgsmith]

klasika, Your method does not work, the engineers do not have permission to log on to the server directly.

However using the remote workplace, I checked out the help section on setting your outlook express to connect using RDA over HTTP, which appears to be working fine.

All I need to crack now is a way for the users to access there shared files on the server, and its done.

Also I will probably need to look into some sort of security as at the moment, I just did it from my personal PC (not on the domain) all I needed was the user account and password.