Remote access ip/remote okay, domain/remote NOPE

Discussion in 'Windows Small Business Server' started by CherylDetrick, Feb 5, 2007.

  1. Using SBS 2k3 release 2 without a desktop workstation (my laptop is my
    workstation in the office and my remote outside of it); I can only access the
    server using our staticip/remote, not https://domain/remote. Of course, when
    I access with the staticip/remote, I get the error message that the
    certificates don't match and that causes issues too.

    So, question, why can I access to the ip and not the domain. (yes, I've run
    the remote connection wizard on the server.)

    CherylDetrick, Feb 5, 2007
    1. Advertisements

  2. CherylDetrick

    Steve Guest

    What public DNS A record are you using for the CEICW FQDN on the self
    generated certificate?
    Steve, Feb 5, 2007
    1. Advertisements

  3. The certificate must match the DNS A name record. So seeing how you are
    using a static IP address you'll always get this error message. So most
    likely you are using the default certificate generated when you run the
    CEICW which is usually domainname.local. You need to register a FQDN and
    create a new certificate. The reason why you cannot access because there is no DNS A record for that is linked to the IPaddress. DNS does not know about Most likely your mail server is registered at your ISP as and you can likely get to
    SBS in Silicon Valley, Feb 5, 2007
  4. Hi:

    Okay, this is probably a REALLY stupid question. Here is the situation, our
    domain is hosted via Yahoo. All the A records on our control hosting panel
    there end in our However, my server is
    publishing.serverdomain.local. I'm currently on the phone with yahoo tech
    support (that is an adventure, they know less than I do!) ... is there
    another way to create an A record?
    CherylDetrick, Feb 5, 2007
  5. Who hosts your Exchange MX records? Your MX records are the ones that direct
    emails sent to you to the mail server whoever hosts it whether it be yahoo
    or you host your own SMTP mail servers. Do you have email delivered directly
    to your own SMTP Exchange mail server or do you use POP3 and pull your
    emails down from Yahoo?
    SBS in Silicon Valley, Feb 5, 2007
  6. My exchange MX records are hosted throughg yahoo. I do host the smtp mail
    server now (though I didn't until recently).

    I've been on the phone since I posted this with the data provider for our
    building T1 line that assigned me the static IP address to see if they can
    assign the A record to my serverdomain.local. They are pretty confused, but
    trying to get to their own tech people to figure it out. I'm not incredibly
    optimistic at this point!
    CherylDetrick, Feb 5, 2007
  7. Well Cheryl then you do not need to do anything else. If you host your own
    SMTP Exchange mail server then yahoo has the MX record for your mail server.
    It is probably something like and you can use this to
    get to your remote or OWA by using Now
    what you need to do is rerun the CEICW and create a new certificate that
    matches that A record.
    SBS in Silicon Valley, Feb 5, 2007
  8. Okay.. another question: can I tell CEICW that I want to use a specific name
    (like my .org)? And if I do, I have an A record setup for that, but I can't
    setup the .local through yahoo. Everything they have is and
    that is where it stops.

    I need an A record not an MX record right?
    CherylDetrick, Feb 5, 2007
  9. Here is what I do Cheryl to elimnate confusion and simplify things. I'm
    going to use mycompany as mail server name. My domain name ia different so I
    don't have certain issues.
    You send me an email at and it comes to my SMTP Exchange
    server and delivers the mail. My A record for my mail server is which is linked to the external IP of my SBS server. My
    MX record points to So in my case I cannot use or create
    another A name record to becuase it is used for our external
    website that is tied to a different IP. So I had my ISP create a new alias
    C.Name record and I called it so for anything that uses that
    external IP I can use this alias.

    For OWA they use
    For remote they use
    For external access for comapnyweb they can use
    and even the access my Citrix server they can use

    So you see the whole idea of creating an A record is to use an laternative
    name for the IP address it is linked to. Now given the above information you
    can see that I can also use because and are linked to the same external IP.
    Hope all this helps out.
    SBS in Silicon Valley, Feb 5, 2007
  10. CherylDetrick

    Steve Guest

    A .local domain is only for internal use and not valid externally. What is
    the exact A record name that is associated with the MX record you have setup
    for delivery to your Exchange? That is the FQDN that you need to use for
    your certificate when you run the CEICW.
    Steve, Feb 5, 2007
  11. Steve:

    Do you mean the mail record I set up for mail to come to my exchange server?

    CherylDetrick, Feb 8, 2007
  12. CherylDetrick

    Steve Guest

    Both the mail (MX) record and the host (A) record you have the MX record
    pointed to.
    Steve, Feb 8, 2007
  13. I'm sorry to be so dense about this!!!

    But, let me try this!

    When I went through the wizard on SBS2k3, it seems to me that it created the
    remote name that ended up on my certificate ...
    publishing.myserverdomain.local (keep in mind I was in the final days before
    my shoulder surgery so LOTS of pain meds involved and the details are quite
    fuzzy now!) ... of course a .local for a name is VERY problematic as that is
    not a global domain and I think my whole problem is I can't find a way to get
    the thing resolved because I can get an A record with that.

    Can I go back, re-run the wizard give it a name I choose, go to my yahoo web
    hosting, create an a record that goes with that name and then get a web cert
    and be good to go on this????
    CherylDetrick, Feb 9, 2007
  14. CherylDetrick

    Steve Guest

    Cheryl basically yes if the Yahoo web hosting is also hosting your DNS
    records. However, if you're currently receiving mail to Exchange via SMTP
    you already have a public DNS A record you can use for the certificate as
    well without creating a new one.
    Steve, Feb 9, 2007
  15. Yes Yahoo is hosting my DNS records and yes I'm receiving mail to exchange
    via SMTP. So, I use my MX record for my certificate for my server? I'm
    confused, how do I do that?
    CherylDetrick, Feb 9, 2007
  16. CherylDetrick

    Steve Guest

    Your MX record is actually pointing to an A record such as That is what you'd use for the cert when running the
    CEICW. Then for example RWW access would be When the remote computer connects to that
    URL with IE a security prompt pops up the first time and if you want to use
    Outlook via RPC/HTTP you have to actually install that cert on the remote
    Steve, Feb 9, 2007
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.