Jump to content
john401

Remote Web Access Problem with WHS 2011

Recommended Posts

john401

I have this server with WHS 2011 up and running on the network and 4 computers can access the server, BUT, when I try and install Remote web access there seems to be problems with Port forwarding, I have set the server as a reserve ip address ( 192.168.0.3 ) I am using a Netgear DGN220v3 modem router, using one of the network computers to open the router interface to port forward (doing this way as if I use IE on server to open router interface it seems to freeze before page fully loaded not sure why) using either Portforward.com utility tool or doing it manually it shows ports are entered on the router but on checking they are not open (80,443 and 4125) checked with ISP and they also say the IP address is not reachable, enabled DMZ, tried disable firewall on server and every thing I can think of and still no joy, even tried a router which shows ports open on another internet connection i.e Netgear DGN2200v4 and that doesn't work on this internet connection.

 

Would be grateful for any help

 

John

Share this post


Link to post
Share on other sites
Drashna Jaelre

Try running GRC's Shields' up.  

If the ports are forwarded (don't use DMZ, it can mangle the connection and it exposes too much of the server), it should show up as open.

https://www.grc.com/x/ne.dll?bh0bkyd2

 

And honestly, if you're using consumer grade (eg, not business) internet, the ports are likely blocked by your ISP .... regardless of what they're telling you (which ISP are you using, if you don't mind).

Share this post


Link to post
Share on other sites
john401

Just had another look at ports on my Netgear DGN2200v4 forwarded 80, 443 and 4125, portforward utility is telling me they are open, every other port checker is telling me they are closed, this is just on my home computer.

The computers where I have WHS 2011 spoke to the ISP provider today and they told me that they are not blocking, they tried to check from there end and told me was closed,

ISP is an English firm for business use I think Digicommnetserv.com.

 

Am seriously wondering if its the Netgear router

Share this post


Link to post
Share on other sites
john401

The response I got back from the GRC Shields up test was:.

 

THE EQUIPMENT AT THE TARGET IP ADDRESS
DID NOT RESPOND TO OUR UPnP PROBES

Share this post


Link to post
Share on other sites
jmwills

I thought we already had a thread going on this?  At this point, you either have a bad router or one that needs to have its firmware flashed.

Share this post


Link to post
Share on other sites
john401

My thought is bad router, I flashed the DGN2200v3 at the job, no change, the DGN 2200v4 which is mine I cant update as I use to allow me to set up an access point with a Belkin and the later firmware doesnt have that facility, been advised D-Link are better routers for portforwarding so just got to find out which is best one.

Share this post


Link to post
Share on other sites
Technogod

Turn on UPnP in the Router. In Server Settings under Remote Web Access run repair. Is your Router information and Domain Name correct on the Remote Web Access tab? A lot of people don't recommend running UPnP. I've never had any trouble. I ran the GRC Shields up test and received the same message. Evidently my Router knows not to respond. I'm running a Linksys E1200 with stock firmware.

Share this post


Link to post
Share on other sites
jmwills

Sorry, but turning on UPnP is a HUGE security risk.

  • Like 1

Share this post


Link to post
Share on other sites
Technogod

As long as NAT is enabled and you're running security software it shouldn't be a problem. Most problems occur internally from viruses. GRC shields up test couldn't detect UPnP was enabled.

Edited by Technogod

Share this post


Link to post
Share on other sites
GotNoTime

As long as NAT is enabled and you're running security software it shouldn't be a problem. Most problems occur internally from viruses.

I agree with jmwills. Enabling UPnP is a bad idea. It is possible to carefully craft a legitimate script/applet which is unlikely to be picked up by AV scanners that will cause your browser or app with HTTP functionality to access the UPnP daemon in your router and start allowing external connections to internal devices. Standard UPnP IGD functionality is fundamentally flawed and a security risk. If you want to port forward then do it manually.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now




×