Dynamic IP, dyndns.org, and RWW

Discussion in 'Windows Small Business Server' started by ja, Jan 6, 2009.

  1. ja

    ja Guest

    I'm sorry to post this "often asked" & "always specific" question but I'm not
    getting anywhere with my client, still cannot access RWW remotely.

    - Have SBS2003 R2 on a Dell 1900 server (domain: rdfrubber.com)
    - Have a dynamic IP from Verizon.net w/PPOE
    - Have Linksys router configured with PPOE, DHCP disabled, LAN IP:
    - Have two NIC's in the server,
    Server NIC: Set Manual
    IP Address:
    Gateway: blank

    Network NIC: Set Automatic DHCP
    IP Address:

    - Currently only using the POP3 connector to receive email. (Exchange later?)
    - Created an account at dyndns.org : rdfrubber.dyndns.org (is this correct?)
    - Ran the ICW more than once but cannot get RWW to work?

    I do not fully understand what to do in the ICW regarding the dyndns?
    After running the ICW, I have tried http://rdfrubber.dyndns.org/remote,
    rdfrubber.dyndns.org, http://rdfrubber.dyndns.org, etc but cannot access the
    RWW remotely?

    This is my first server install with a Dynamic IP, they cannot get a
    business class DSL service because of their location.
    Any help would be much appreciated.
    ja, Jan 6, 2009
    1. Advertisements

  2. If you have two nics in the server, they must both be with static non
    routeable IPs and on different subnets, one (the 16.2) should be connected
    to the switch where all your workstations are connected. The second one
    should be connected to your Linksys Router on the LAN side with an IP to
    match the LAN configuration of the Router. Typically this is or

    Then re-run CEICW and you should be ok
    Cris Hanna [SBS MVP], Jan 6, 2009
    1. Advertisements

  3. Merv Porter [SBS-MVP], Jan 6, 2009
  4. ja

    ja Guest

    Merv and Cris, Overall, and after looking over the Merv document, I have the
    Server Internal NIC all correct.

    Regarding the Router:
    - Verizon DSL is PPOE so do I configure the Router w/PPOE or
    - Do I configure it in the SBS ICW PPOE settings?

    At first, I had connected the Westell Bridge DSL modem directly to the
    Server, and ran the ICW to use PPOE on the Broadband connection but could not
    get the Internet to work? (Will the Server be at risk w/o a router?)

    Next, I added the Linksys back in between the Westell and the Server, and
    set PPOE in the Linksys, and then let the Linksys give out an IP to the
    External NIC via Linksys's DHCP? This has worked just fine for Internet
    access thus far, but I want this all setup correctly..according to
    (I did change the Linksys LAN IP to the 192.168.16.something, but cannot get
    back into the Linksys via the Server browser? (I will definitely change the
    Router and External NIC to Merv's recommended setup)

    Once I get the External NIC/IP's/Router corrected, do I still need to do any
    Port Forwarding in the Linksys? Are there any other items to consider
    regarding the dyndns stuff?


    ja, Jan 7, 2009
  5. If the Westell is truly in Bridge Mode (not acting as a firewall or router;
    just acting as a DSL modem and passing all traffic into your network), I
    would leave the Linksys in place between the Westell and your external NIC.
    Then do the port forwarding from the LAN side of the Linksys router to your
    external NIC IP address (which should be in the same subnet as the Linksys
    router). The Linksys subnet (example, 192.168.0.x) must be different from
    the SBS subnet (192.168.16.x). Set up the port forwarding manually in the
    Linksys router.

    Examples of common ports that may need to be forwarded:
    (depends on services selected in CEICW)

    Port 443... SSL
    Port 4125.. RWW Proxy
    Port 25... Exchange (if mail is to be delivered directly to your SBS
    Exchange server)
    Port 1723 and GRE Protocol 47... VPN via PPTP
    Port 3389... Terminal Services

    No need to forward port 80 in most configurations.

    From the SBS server | (rt. click) My Network Places | Properties, assign a
    static IP address to the SBS external NIC; don't let the Linksys router
    assign it dynamically (you don't want the IP of the external NIC to change
    at any time). In fact, unless you plan to set up some kind of network for
    guest Internet access, turn off the DHCP Service in the Linksys router.

    Then run CEICW to configure SBS and its services, but do not let it run UPNP
    to set up the router.

    For RWW access, use https://<yourSBSservername>/remote (note the "s" on the
    end of "https:").

    CEICW Walkthrough

    Westell (WAN side; bridge mode, all trafiic passed)
    Westell (LAN side; probably 192.168.1.x)
    Linksys router (WAN side; PPOE dynamically obtained from ISP)
    Linksys Router (LAN side,
    SBS External NIC (
    SBS Internal NIC (default is
    Network Switch
    | | | | |
    Workstations (all 192.168.16.x)

    Merv Porter [SBS-MVP]
    Merv Porter [SBS-MVP], Jan 7, 2009
  6. ja

    ja Guest

    Merv, Regarding Exchange Email, they have their emails & domain hosted with
    register.com. I logged into the Register.com account page and there I can
    change all of the mail records stuff like MX, Pointer, A records etc. Will I
    need to change those as well after running the CEIW or before? (I know about
    the 24hr propgation time)

    Will the Register.com records point to the new rdfrubber.dyndns.org?

    Lastly, Can I wait to do the Exchange email until after I have the RWW
    working with the Dynamic IP? If I just add the POP3 email accounts into
    Exchange for now, can email be forwarded to a Blackberry phone as well as
    received via the desktop's Outlook client?

    Thanks again to all,

    ja, Jan 9, 2009
  7. I would get RWW working first. All the DDNS (Dynamic DNS) account at
    dyndns.com does is create a record that ties your WAN IP address to your
    dyndns domain name (). You'll need to install a small
    piece of software on the server that tracks any change to your WAN IP
    address and updates the Dyndns servers with that change.

    EMAIL... Your Dyndns account will not solve your mail issue. I assume at
    this point that you have individual POP3 accounts set up at Register.com for
    all the users. If so, for now, I would run CEICW and set up the POP3
    connector to retrieve mail from the Register.com mail server and bring it
    down into your SBS server. It will then be handed off to Exchange server
    for delivery to your user's Exchange mailboxes. From there, the users can
    use Outlook to receive and reply to email.

    SENDING EMAIL... I assume you will be relaying all outbound mail through
    the mail server at Register.com (i.e., using them as a Smarthost).

    If your intent to have the client host their own Exchange server on the SBS
    (i.e., mail will be delivered directly to the SBS server), a dynamic IP
    address makes hosting your own Exchange mail server a bit more difficult,
    but it can be done:

    SMTP Delivery on Dynamic IP Address

    With a dynamic IP address, one problem you may run into is that mail servers
    may reject mail since they can't tie your IP address to your domain name
    with an RDNS lookup (Reverse DNS via a PTR record). Dyndns.com has a
    product called Mailhop that may help. I believe you would then be relaying
    outbound mail through the Dyndns servers. (I have not used this product).

    MailHop Outbound

    I'll leave the Blackberry question to others as I have no real experience
    with them.

    Merv Porter [SBS-MVP]

    Merv Porter [SBS-MVP], Jan 10, 2009
  8. ja

    ja Guest

    Merv, You are sure a wealth of specific information and I as a new comer
    really appreciate the help you and everyone gives to the forum.

    I will definitely only get the RWW going first, use the POP3 connector for
    Incoming email, and hopefully let Verizon be the relay/smarthost for Outgoing

    I also have already downloaded the Dyndns application and it is running in
    the Taskbar of SBS, showing the Dynamic IP from Verizon and the new

    Regarding the Port Forwarding mentioned earlier, it sounds like I only need
    to do the ports for RWW?

    ps: Yes they have POP3 emails with Register.com and I'll addd those to the
    POP3 connector. Do you know if there is a way to tell the POP3/Exchange
    connector on SBS to "Leave a copy of messages on the Register.com server"? If
    so, that would take care of the Blackberry issue because the phone would just
    receive the same messages as SBS. (Before SBS, this is how they were handling
    their email..they used Outlook 2003, had the POP3 email setup, and then under
    Advanced Settings, they checked the box to leave a copy, and delete after 2
    days or when deleted from Outlook)

    Thaks again,

    ja, Jan 10, 2009
  9. Port Forwarding... As long as you're confortable with doing any remote
    server management/administration using RWW to access the SBS server, only
    forwarding ports 443 and 4125 would be OK. There are other ports that can
    be useful from time to time (3389, 1723, etc.) and eventually you'll need to
    forward port 25 for Exchange mail when you quick using the POP3 Connector.
    But keep it simple for now until you get your feet wet.

    POP3 Connector... No. There is no way to configure the POP3 Connector to
    "leave a copy on the server".

    One way around this might be to have the Blackberry user access his mail
    through Outlook Web Access (OWA), which is the little brother of Outlook
    2003 (the interface is very similar). You access OWA by typing:
    https://rdfrubber.dyndns.org/exchange and then use your SBS username and
    password at the OWA logon screen. Since OWA only requires port 443, you
    wouldn't have to forward any additional ports. When you re-run CEICW, you
    would need to select Outlook Web Access (in addition to Remote Web
    Workplace) on the Web Services Configuration screen. By using OWA, all mail
    is kept on the SBS server, and replies are sent from there as well.
    Basically, OWA is just a different way to view and use an Exchange mailbox
    on the SBS server. No need to "leave a copy" since the user would be
    accessing his Exchange mailbox directly via his Blackberry.

    CEICW Walkthrough

    How To Receive Email On Your Blackberry From Outlook Web Access Account

    Merv Porter [SBS-MVP]

    Merv Porter [SBS-MVP], Jan 10, 2009
  10. ja

    ja Guest

    Merv, Thanks.. I think that I'm getting closer..but still need help..

    For your convenience, I have made a PDF document that includes all of my
    Linksys settings, Dyndns settings, and my latest run of the CEICW. Here is
    the link: http://cerberus.clearwave.com/jerry/RDF_Configuration.pdf

    - The RWW/OWA/etc is still not working offsite? (tried

    - The Email is still not working properly? (tried POP3 connector, mail
    receives fine, cannot send?, Deleted POP3 connector emails, tried Use DNS,
    tried Forward all , tried Use Exchange, etc..but all email comes in fine, but
    will not go out?)

    I have gone thru the CEICW mutltiple times trying lots of different
    combinations, but none seem to be right? On a positive note, I did get the
    Linksys and the Outside NIC configured correctly. Thanks to all for
    suggesting the correct settings there. (Internet works great!)

    ps: As mentioned earlier, I do have access to all of the Domain stuff at
    Register.com including:
    RR DNS Record Type
    ----- -------------------------
    - A Edit IP Address Records
    - AAAA Edit IPv6 Address Records
    - CNAME Edit Domain Aliases Records
    - MX Edit Mail Exchanger Records
    - TXT Edit TXT Records (SPF)
    - PTR Edit Pointer Records and Reverse Zones
    - SRV Edit SRV Records

    Thanks again,

    ja, Jan 12, 2009
  11. step by step.

    OK, dyndns updater seems to be working.
    Query: rdfrubber.dyndns.org. Query type: Any record
    Recursive query: Yes Authoritative answer: Yes
    Query time: 936 ms. Server name: n/a

    rdfrubber.dyndns.org. 60 A

    Which from your pdf (hope you don't mind) is the current IP, but I can't

    The port forwards on the Linksys for 443/3389/4125 only need to be TCP but
    having them set to BOTH shouldn't stop them from working.

    You have not told the CEICW to open 3389 (Terminal Services) so that port
    forward is doing nothing at this time. That's OK, for RWW and the RDPProxy
    you only need 443 (RWW) and 4125 (RDPProxy, or 'connect to...' function in

    Still, I cannot get a connection to https://rdfrubber.dyndns.org/remote.
    This is as if Verizon are blocking it, or the port forwards aren't working,
    or SBS for some reason isn't listening to those ports on the

    Please give us the full (preferably unedited) output of 'IPConfig /all >

    SuperGumby [SBS MVP], Jan 12, 2009
  12. ja

    ja Guest

    Here is the ipconfig /all report:
    Microsoft Windows [Version 5.2.3790]
    (C) Copyright 1985-2003 Microsoft Corp.

    C:\Documents and Settings\Administrator>ipconfig /all

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : RDFINC
    Primary Dns Suffix . . . . . . . : rdfinc.local
    Node Type . . . . . . . . . . . . : Unknown
    IP Routing Enabled. . . . . . . . : Yes
    WINS Proxy Enabled. . . . . . . . : Yes
    DNS Suffix Search List. . . . . . : rdfinc.local

    Ethernet adapter Network Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : VIA VT6105 Rhine III Compatible Fast
    rnet Adapter
    Physical Address. . . . . . . . . : 00-15-E9-F2-09-4F
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . :
    Subnet Mask . . . . . . . . . . . :
    Default Gateway . . . . . . . . . :
    DNS Servers . . . . . . . . . . . :
    NetBIOS over Tcpip. . . . . . . . : Disabled

    Ethernet adapter Server Local Area Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE
    VBD Client)
    Physical Address. . . . . . . . . : 00-1E-C9-E5-08-62
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . :
    Subnet Mask . . . . . . . . . . . :
    Default Gateway . . . . . . . . . :
    DNS Servers . . . . . . . . . . . :
    Primary WINS Server . . . . . . . :

    C:\Documents and Settings\Administrator>

    ja, Jan 12, 2009
  13. What make/model of DSL modem do you have from Verizon?

    PPPoE and Verizon DSL

    I'm wondering if the "modem" is not in bridge mode (or has a firewall) and
    is blocking traffic into your network.

    Merv Porter [SBS-MVP]

    Merv Porter [SBS-MVP], Jan 12, 2009
  14. ja

    ja Guest

    The Modem is a plain Westell 6000, and does have any router features builtin.
    No reset button either. It is a pure "bridge" modem.

    ja, Jan 12, 2009
  15. I concerned that https://rdfrubber.dyndns.org/remote does not result in a
    connection. I also cannot ping the IP address associated with it
    ( Is this IP the WAN that you get from Verizon?

    Merv Porter [SBS-MVP]

    Merv Porter [SBS-MVP], Jan 13, 2009
  16. On the Security tab of the Linksys WRT54G router, uncheck "Block Anonymous
    Internet Requests". This should allow you router to be "pingable" from
    outside your network. (i.e., will be able to ping This
    may give us more info if we still can't ping this IP after the change.

    Merv Porter [SBS-MVP]

    Merv Porter [SBS-MVP], Jan 13, 2009
  17. Also, you router's firmware looks way out of date. I believe it shows
    version 1.00.9 and the latest is 4.21.1. You may want to update it.

    WRT54G Downloads

    Merv Porter [SBS-MVP]

    Merv Porter [SBS-MVP], Jan 13, 2009
  18. ja

    ja Guest

    Merv, I unchecked "Block Anonymous Internet Requests" and router should now
    be pingable.
    I will upgrade the firmware tomorrow, once I check what version is on the
    Tag on/under the router.

    Other information: I have Symantec Endpoint v11.0.3001 running on the
    Server/Desktops and it is working great with no problems.

    Is there anything there that would affect RWW?

    ja, Jan 13, 2009
  19. No experience with Symantec Endpoint. I'm assuming it doesn't install any
    firewall components that would interfere.

    rdfrubber.dyndns.org [] is not pingable as of 7:20 am EDT this
    morning (Tues.)

    After firmware is updated, re-run CEICW, enable the firewall, select your
    services and then complete CEICW.

    Then install, update and run a scan with the SBS 2003 BPA to see if it can
    find any confiuration problems:

    Microsoft Windows Small Business Server 2003 Best Practices Analyzer

    Merv Porter [SBS-MVP]

    Merv Porter [SBS-MVP], Jan 13, 2009
  20. OK. rdfrubber.dyndns.org is pingable as of 7:43 am EDT this morning.

    RWW still not working.

    Merv Porter [SBS-MVP]

    Merv Porter [SBS-MVP], Jan 13, 2009
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.