When SBS 2003 was released, there was an error involving how the CEICW configured itself with respect to ISA 2000. In particular, it failed to publish the CompanyWeb via the RWW portal. This was noticeable as the links to access the company s internal Web site were missing from the RWW interface. You can easily fix this with a few additional tweaks to the configuration. At the time of writing, I understand that this problem will be resolved in SBS 2003 Service Pack 1 so this tweak should no longer be required.
First, you need to do some work in ISA Servers management console to get the right protocols configured:
1. Run ISA Management Console.
2. Expand Servers and Arrays.
3. Expand the SERVERNAME (yours will be the name of your server).
4. Expand Policy Elements.
5. Select Protocol Definitions.
6. Right click on Protocol Definitions and select New then Definition.
7. Give the protocol a name we ll call it SBS CompanyWeb 444 , and click Next.
8. Enter 444 in the Port number box, TCP for Protocol and Inbound for Direction.
9. Click Next, Next, and then Finish.
The protocol is now defined. Next you need to create the publishing rule to allow the CompanyWeb to be accessible from the outside world.
While still in the ISA Management Console, do the following:
1. Expand Servers and Arrays.
2. Expand the SERVERNAME (yours will be the name of your server).
3. Expand Publishing.
4. Expand Server Publishing Rules.
5. Right click on Server publishing rules and select New then Rule.
6. Give the Server publishing rule a name we ll call it SBS Companyweb Publishing and click Next .
7. Enter the IP address of the internal server (192.168.16.2 by default).
8. Enter the External IP address of the ISA server (this will be different on each system).
9. Click Next.
10. Select the Protocol Definition you created above from the drop down list (SBS Companyweb 444).
11. Click Next, then Next and Finish.
12. Manually restart the ISA Firewall Service.
Now you need to install an SSL certificate on the CompanyWeb site itself:
1. Start IIS Manager from the Administrative Tools group.
2. Expand SERVERNAME.
3. Expand Web Sites.
4. Expand CompanyWeb.
5. Right click CompanyWeb and select Properties.
6. Go to the Directory Security tab.
7. Click Server Certificate and then click Next.
8. Select Assign an existing certificate and then click Next.
9. Select the certificate that is the same as the external domain name ( mail.correct.com.au ).
Do not select the certificate called publishing.domain.local as this is used internally by ISA.
10. Click Next.
11. Confirm that it will use port 444.
12. Click Next.
13. Click Next.
14. Click Finish.
15. Press OK to acknowledge the final screen.
Almost done now; we just need to modify some of the registry values in the RWW section to enable the sections to appear in the RWW screens.
1. Run Regedit.
2. Navigate down the tree to the following key: HKLM\Software\Microsoft\SmallBusinessServer\RemoteUserPortal\KWLinks
3. Right click the entry called STS and select Modify.
4. Enter the value of 1 and press OK.
5. Navigate down the tree to the following key: HKLM\Software\Microsoft\SmallBusinessServer\RemoteUserPortal\AdminLinks
6. Right click the entry called STS and select Modify.
7. Enter the value of 1 and press OK.
8. Right click the entry called HelpDesk and select Modify.
9. Enter the value of 1 and press OK.
10. Exit Regedit
A few additional notes to remember:
? If you ever re-run the Connect to Internet wizard, this procedure will need to be redone because the wizard will set things back to factory defaults
? You need to ensure that you open up port 444 on any external hardware router/firewall that you may have.
Leave a Reply