Question : SBS 2003 with ISA running Exchange behind another SBS 2003 with ISA w/o Exchange - OWA errors

This setup is temporary.  One client had to move out of their space and I had to find a spot for their Exchange server to live.  

I have an SBS 2003 box with ISA 2004 on it.  It runs Exchange 2003.  All up to date and working fine on its own.  It has two NICs, both are in use - one for the internal domain, one for the external domain.  This is Server A.

I have an SBS 2003 box with ISA 2004 on it.  This server does NOT run Exchange and Exchange was not set up on it.  It has two NICs, both are in use - one for the internal domain, one for the external domain.  This is server B.


I was in a pnch and had to move Server A, so I put behind Server B.  They maintain separate domains.  Because Server B does not handle Exchange, I figured I could forward ports 25, 110, 443, and others to Server A.  

Server B is in place, and it is able to receive mail and I can POP it.  So ports 25 and 110 are working.  But OWA is not working.  I'm not sure if it's a web listener issue (do I need to set that up or can I just tell it to forward port 443 to the external IP of Server A).  

When I go to https://www.domainname.org/exchange from an external source (this worked fine before the server was behind Server B), it sees the servers certificate, I can see that in the browser, but I get this error:
Error Code: 408. The operation timed out. The remote server did not respond within the set time allowed. The server might be unavailable at this time. Try again later or contact the server administrator. (12002)

When I remote desktop to Server B and go to https://10.0.0.230/exchange (the IP I assigend to the external interface of Server A - which of course is on Server B's internal LAN), I get:
Error Code: 403 Forbidden. The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. (12202)

That last error tells me there's an issue with ISA of Server A.

I appreciate any advice anyone can give.

Thank you

Answer : SBS 2003 with ISA running Exchange behind another SBS 2003 with ISA w/o Exchange - OWA errors

Your plan is really not a good one from the start.

First, you cannot really have two SBS's functioning in the same IP Subnet without having some serious DHCP problems as well as the fact that they might see eachother and start shutting down (due to licensing restriction of having only a single SBS).

Your best solution is if you have more than one public IP address to put a switch on your Internet connection and then a couple of routers behind it.  Or if you have a router that supports multiple LANs (VLAN).

If you only have a single public IP address but you have a router that supports VLANs then you can still separate the networks, but I'd suggest removing ISA Server from both of these and just letting your router act as the firewall.  (You can remove one of the NICs from each as well if you remove ISA).

Least desirable solution?  Remove ISA Server from that second server as it's really unnecessary if there is no external access.  Make sure that it's on a completely separate IP Subnet.

Jeff
TechSoEasy
Random Solutions  
 
programming4us programming4us