NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
SBS 2008 Firewall configuration in FVS338?
Hi, have got a FVS338 as router/firewall between WAN and LAN.
On the LAN is a SBS 2008 server running Exchange and SharePoint.
The server also handles DHCP and DNS (DHCP turned of in FVS338).
With my laptop connected to the LAN everything works as expected.
But moving out of office there are a couple of problems.
I can't access the SharePoint intranet site at https://remote.mydomain.com:987 and my Outlook client is unable to connect to the Exchange server.
Sitting on the LAN both those are available and works as expected.
From the WAN Outlook Web Access works on https://remote.mydomain.com/owa
I've setup Inbound Services in the Firewall for FTP, HTTP, HTTPS, IMAP2, IMAP3, IMAP4, IMAP4S, PING, POP3, POP3S, SMTP
Ftp, http, https and smtp works from the WAN without problem, just https to port 987 that does not and setting up an Inboud Service for HTTPS with Translate to Port Number 987 did not help.
Something in the Firewall that I'm missing but what?
/Anders
On the LAN is a SBS 2008 server running Exchange and SharePoint.
The server also handles DHCP and DNS (DHCP turned of in FVS338).
With my laptop connected to the LAN everything works as expected.
But moving out of office there are a couple of problems.
I can't access the SharePoint intranet site at https://remote.mydomain.com:987 and my Outlook client is unable to connect to the Exchange server.
Sitting on the LAN both those are available and works as expected.
From the WAN Outlook Web Access works on https://remote.mydomain.com/owa
I've setup Inbound Services in the Firewall for FTP, HTTP, HTTPS, IMAP2, IMAP3, IMAP4, IMAP4S, PING, POP3, POP3S, SMTP
Ftp, http, https and smtp works from the WAN without problem, just https to port 987 that does not and setting up an Inboud Service for HTTPS with Translate to Port Number 987 did not help.
Something in the Firewall that I'm missing but what?
/Anders
5 Replies
- Do you have Remote Management enabled? What port is it on?
- Why are you using port translation? Create an inbound service to forward port 987 to the server on port 987. I've attached a link to a list of the ports used by Outlook to communicate with Exchange, you'll need to figure out which ones are critical to your use and forward those, some, like 135, I would not suggest you forward - when I ran exchange I used OWA for external access. https://support.prolateral.com/index.php?/Knowledgebase/Article/View/179 https://support.microsoft.com/en-us/kb/270836
fordem wrote: Why are you using port translation? Create an inbound service to forward port 987 to the server on port 987.
I've attached a link to a list of the ports used by Outlook to communicate with Exchange, you'll need to figure out which ones are critical to your use and forward those, some, like 135, I would not suggest you forward - when I ran exchange I used OWA for external access.
https://support.prolateral.com/index.php?/Knowledgebase/Article/View/179
https://support.microsoft.com/en-us/kb/270836
Thanks, knew I was missing something.
Inbound service for port 987 was exactly what I meant to-do but got it mixed up with port translation.
Was looking for rules and not services, terminology mix-up.
Now SharePoint intranet (port 987) works from intranet.
But Outlook client still will not work.
OWA does work but we want the full Outlook Windows client as we regularly work out of office.
That list of ports looks to be much more than I would like to open up in the firewall.
Had it working before but unfortunately lost the configuration and don't have it documented :mad:- My suggestion would be a VPN connection - especially since you have the FVS338 - if I remember correctly, that model supports up to 50 simultaneous connections.
- @WestNordic: As per suggestion of fordem, check this link below as reference guide in setting up client-to-box VPN on your FVS338: http://documentation.netgear.com/fvs338/enu/202-10046-03/FVS338-07-17.html This link might help as well: http://kb.netgear.com/app/answers/detail/a_id/961/related/1
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
