Jump to content

Welcome to We Got Served Forums
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. If you already have an account, login here - otherwise create an account for free today!
Photo

Remote Web Access From Within My Network Isn't Working

- - - - - whs 2011 launchpad remote web access internet explorer microsoft

  • Please log in to reply
32 replies to this topic

#1
James.Oody

James.Oody

    Member

  • Members
  • PipPip
  • 15 posts
Hello,

I seem to be having an issue that either no one else ever had or no one knows how to fix. I've researched several different forums and can't find a definite answer. I've accepted the fact that i'm not an expert and could be doing something wrong that is painfully obvious to others. Here's what is happening.

I got Windows Home Server 2011 installed on a fairly new Dell desktop. It far exceeds the hardware requirements. I added user accounts to correspond to the accounts on the computers that i was going to install the connector software on. I installed the connector software on my desktop and my laptop. The WHS Dashboard works on both machines no problem. Most of the functions on the Launchpad work too, except for one. On neither my laptop or my desktop I can't get the Remote Web Access function to work. When I click it, it starts my default browser, attempts to connect to https://SERVERNAME.homeserver.com, but returns an "Internet Explorer cannot display the webpage" message.
error.JPG
The only way to get the page to load is to use the IP of the server in the address bar. When I do this I get a certificate error.
error2.JPG
Researching this issue I was told that because the certificate is self signed I'll always get a certificate error. Anyways, I click "Continue to this website (not recommended)" and I am greeted with the login page. I log in using an admin user on the box and I am able to see content and browse shared folders. Now this all works as intended except for two functions. When I select browse pictures, I sometimes get a red X instead of a picture thumbnail. This issue is insignificant though. My second issue is I am unable to remote to the server (Dashboard) or my other PCs (If I'm on the desktop i can't remote to the laptop. If I'm on the laptop I can't remote to my desktop). The error I get is "Your computer can't connect to the remote computer because the Remote Desktop Gateway server address requested and the certificate subject name do not match. Contact your network administrator for assistance".
error3.JPG
Its important to note that the Remote Web Access works outside my network. I'm able to use my laptop at work, school, coffee shop, etc to connect and browse, remote, upload/download all day long with no issues. I can also access it from other peoples computer with no issue. Every function works just as advertised. Now if I could only figure out what is going wrong when I'm on my home network...

I did some general troubleshooting ; disabled firewall, checked router settings, released the domain name and recreated it. A forum mentioned routers not supporting loopback. I don't know what that is. I use a Netgear WNR1000 v2. I'm not sure if that's the case here but I'm hoping someone much smarter than I has seen an issue similar to this. Please help.

Attached Files




Upgrade to a WGS Supporter Account to remove this ad.

#2
cainmp

cainmp

    Advanced Member

  • Members
  • PipPipPip
  • 442 posts
  • Gender:Male
  • Location:Cincinnati, OH
Here is the issue the best I can describe it:

your homeserver.com web address is associated to your external ip address (provided by your ISP), but your router (that doesn't support loopbak I'm almost 100% sure), doesn't know what to do with requests that point it back to itself (that's loopback since your router is the device that holds your external IP address and is basically sending requests to itself), causing you to get browser errors. I would bet that is nearly 100% of the issues you are finding. Try to browse to your homeserver.com address from a computer outside your network and let us know if that works as normal.
  • bobbyc likes this

#3
Ian

Ian

    Advanced Member

  • Members
  • PipPipPip
  • 1,298 posts
  • Gender:Male
  • Location:Morton, UK
I think adding your WHS to your host file on your internal PCs may solve the problem.

An entry such as; 192.168.1.80 WHSNAME

where the IP is the IP of you WHS server and WHSNAME is the name of your server.

The host file is located in Windows\system32\drivers\etc

You will need to have hidden files and folders unhidden to find it.

host does not have an extension to its name but can be edited with notepad.

#4
James.Oody

James.Oody

    Member

  • Members
  • PipPip
  • 15 posts
Thank you Cainmp and Ian for your replies.

Try to browse to your homeserver.com address from a computer outside your network and let us know if that works as normal.

I put in the original post that Remote Web Access works perfectly as intended outside my network. I'm able to log into it from work using a PC here and use all functions without issue. Only on my home network do I have this issue. I'm going to try a newer router when I get home as I think you are correct about the loopback.

I think adding your WHS to your host file on your internal PCs may solve the problem.

I tried this with my desktop but I may have entered the server name incorrectly. Instead of listing the actual name of the server in the host file I put the url (SERVERNAME.homeserver.com) which i know now wasn't correct.
Thanks again both of you. I'll try the host file first then the new router and let you know how it goes.

#5
nick27

nick27

    Member

  • Members
  • PipPip
  • 11 posts
Hi James,

no answer I'm afraid, just a confirmation that I get the same certificate error and editing the hosts file didn't make any difference. I know the pc is reading the hosts file as I entered the ip address incorrectly the first time and I then could not log on to the server at all.

nick

#6
bobbyc

bobbyc

    Advanced Member

  • WGS Supporter
  • 637 posts
  • Gender:Male
  • Location:Central Pennsylvania, USA
  • Interests:Shoveling SNOW
Contributor
The reason for the certificate error is because you changed the IP address after you got the certificate, which you got from MS when you subscribe for the domain name when you ran the Remote Access Wizard. You can tell your web browser to ignore the certificate error, as you know the server is trusted.

You would not include the url as you described above in your hosts file. You can put domain names with the correct IP address into your HOSTS file, but not in this situation. Let's say you have two computers on your network plus your server. They may be named PC1, PC2 & SERVER. If they all have static IP addresses you may wish to place all of them into the HOSTS file:

ie

192.168.1.100 SERVER
192.168.1.101 PC1
192.168.1.102 PC2

This is how networking was done along time ago. If you had 1500 systems on your network you had to have all 1500 systems included in your HOSTS file and the HOSTS file had to be installed on all network systems. This was a very difficult way to manage a large network. But on a home network, where you have a small number of systems it is possible to maintain your own HOSTS file. Most people will allow there router to act as the DHCP server and assign IP addresses for workstations, and then only assign static IP addresses to servers. This way you are sure the server is where it should be. the static IP also guarantees that when you try to access your server from the outside world, the data is forwarded to the correct node on your network.

Add your WHS to your HOSTS file. Here is some instructions to edit your HOSTS file....

You will need to add the IP address of your server and then the name of your server

Your server's name may be different then your domain name. To see what your server name is open windows explorer and locate your server under the network section. Or, RDP into your server and check your computer name there. You can find the computer name by right clicking on the computer icon and selecting properties.

It is not necessary to have the same domain name as the name of your server. Once you edit your HOSTS file, you should be able to type SERVERNAME in the address bar of your web browser and it will direct you straight to your remote web access page as you see when you are at work.

I hope this is of some help to you.

Good Luck....

#7
Ian

Ian

    Advanced Member

  • Members
  • PipPipPip
  • 1,298 posts
  • Gender:Male
  • Location:Morton, UK
Perhaps you misread my post- but you have just said the same;

You will need to add the IP address of your server and then the name of your server

Hey ho.

#8
James.Oody

James.Oody

    Member

  • Members
  • PipPip
  • 15 posts
Update: I realized my screenshots disappeared from the original post. I've put them back.

Editing the host file didn't do any good. I confirmed that the host file change was saved and I am still getting the same error above (Error3). I removed the host file entry as a test and I was still able to get to the server by hostname. Modifying the host file was not neccessary.

The two major issuers persist. I want to use the Launchpad as microsoft intended. When I click on Remote Web Access, it wants to send me to https://SERVERNAME.homeserver.com but for some reason IE cannot display that page (Error1 above). Microsoft intended for this to work this way, putting the FQDN in and not just the host name of the box, so my setup must be wrong or it maybe my router. I was unable to aquire a different one so I'll have to wait to see if that is the issue to all of this.

The other issue is I'm still getting the error 3 from above when I attempt to remote to one of my computers from the web interface. The error mentions a "certificate". Is this the same certificate as error 2? How can i make that go away permanently? Can I fix the cert? Release it and get it renewed?

Thanks everyone for the help. I'm sure we'll help others from figuring this out together!

#9
bobbyc

bobbyc

    Advanced Member

  • WGS Supporter
  • 637 posts
  • Gender:Male
  • Location:Central Pennsylvania, USA
  • Interests:Shoveling SNOW
Contributor
James,

The reason you can not access your server via Remote Web Access is because you have the wrong name associated with your servers IP address in your HOSTS file. Until you either correct the entry for your server or comment out the line for your server you will get this error.

#10
bobbyc

bobbyc

    Advanced Member

  • WGS Supporter
  • 637 posts
  • Gender:Male
  • Location:Central Pennsylvania, USA
  • Interests:Shoveling SNOW
Contributor
Do you want me to help you?

#11
James.Oody

James.Oody

    Member

  • Members
  • PipPip
  • 15 posts

James,

The reason you can not access your server via Remote Web Access is because you have the wrong name associated with your servers IP address in your HOSTS file. Until you either correct the entry for your server or comment out the line for your server you will get this error.



Bobby,

Thank you for the replies but I don't' think you are fully reading the original post or the additional replies that users are leaving. Just to clear some things up, I COULD ALWAYS access the server by typing the name of the machine into IE. I didn't mention this in my original post but I did say that I was able to connect via IP address. I didn't have to edit the host file to do this. I get a certificate warning when I do this but I can click continue and it will bring me to the same logon screen I see when I'm out of my house. If I do log in, all the functions I've tested work except for one. I get an error when i try and click on one of the connected computers. Error3.jpg attached to the original post shows this.

Two things. I've got the connector software installed on my wife's laptop. I want her to be able to click on the Remote Web Access button on the Launcher and it bring her to the server logon page. I don't want her to have to use the IP address, server name, etc to access it. The less buttons pressed, the better for her. Right now this function is failing outright but no one has mentioned it. Error.jpg attached shows this.

Now I thought I mentioned this in the original post but I seemed to have left it out. If I click on Diagnose Connection Problems at this screen (Error.jpg) I get a diagnosis of "The remote Device or Resource won't accept the connection". Is this information helpful? I know not many people have homeservers or they haven't upgraded to 2011 yet but I can't be the only one with this problem. I'm going to modify my original post, including the suggestions/troubleshooting I've done that everyone has suggested and repost in the technet forums.

#12
bobbyc

bobbyc

    Advanced Member

  • WGS Supporter
  • 637 posts
  • Gender:Male
  • Location:Central Pennsylvania, USA
  • Interests:Shoveling SNOW
Contributor
Let me appologize for not fully comprehending your situation. When you said you could Remote in with the IP Address I knew your router was working ok on you LAN. This lead me to beleive you had a DNS issue. So, I hope I can help you better at this point.

I also got certificate errors, I beleive this happened to me because I changed the servers IP address after I setup my domain. So, for now let's disregard this issue by clicking on the continue option you see in the web browser. And, let's focus on getting your router to pass your request.

From what I can tell you modified you HOSTS file. If you put the server's IP address in the host file as:
192.168.1.100 MyServer.homeserver.com, please comment this out for now by putting a pound sign '#' at the beginning of the line. This will cause your computer to ignore the line until we remove the # sign later. If you did not modify the HOSTS file as I discribed here, you can disregard this paragraph.

Can you check your router to see if port 3389 is open and forwarded to your server? If it is not, let's try and forward port 3389 TCP and name it as RDP.

Try this and let me know what happens.

#13
James.Oody

James.Oody

    Member

  • Members
  • PipPip
  • 15 posts
Bobby, thank you again for your reply. No apology necessary. We're all trying to help each other here. Hopefully this post will help someone in the future with a similar issue.

Currently the host file for the system I've been testing with is unmodified. I removed the entry that I created so its back to its original state. I read your suggestion carefully and had a comment. I am currently able to RDP from any of my computers to the server or any other PC on my network. I've had no issue doing so. At this point I'm willing to try anything as long as I see that it isn't going to cause lasting damage and is easily reversible so I went along with your suggestion. I created a custom service on my router (RDP, TCP, 3389, 192.168.1.2). Clicked the Remote Web Access button on the launch pad and IE opened to "Internet Explorer cannot display the webpage" (error.jpg in OP). Entered the IP address of the server in the address bar, hit enter, and this brought me to the Certificate Error page (error2.jpg in OP). Clicked "continue to this website" and logged into the server. Since I was on my desktop I attempted to launch the remote Dashboard for the server. It failed and gave me the same error as before. (error3.jpg in OP) The issue still persists.

Thank you again everyone for your previous and future suggestions.

#14
bobbyc

bobbyc

    Advanced Member

  • WGS Supporter
  • 637 posts
  • Gender:Male
  • Location:Central Pennsylvania, USA
  • Interests:Shoveling SNOW
Contributor
OK,

Let's try something else. Don't change what we did in the last step. We are going to open a couple of additional ports. My WHS2011 book says that if you have a uPNP router, the Remote Access Wizard opens the following ports:

Port 443 (SSL) use TCP protocol
Port 4125 (RDP) use TCP protocol

Of course you want to forward this to your server's IP address.

The interesting thing about these ports are, my router does not have them open. But, I can use RWA from inside and outside my network.


THE FOLLOWING INSTRUCTIONS ARE FROM THE WNR1000 USER'S MANUAL, Let's try to open your NAT filter.

Configuring NAT Filtering
Network Address Translation (NAT) determines how the router processes inbound traffic. Secured
NAT provides a secured firewall to protect the computers on the LAN from attacks from the
Internet, but might prevent some Internet games, point-to-point applications, or multimedia
applications from functioning. Open NAT provides a much less secured firewall, but allows almost
all Internet applications to function. For more information about NAT, see “How Your Computer
Accesses a Remote Computer through Your Router” on page 5-2.
To change the NAT option:
1. In the NAT Filtering area, select either the Secured or the Open radio button.
2. Click Apply to save the new configuration.

Try one thing at a time so we can figure out what made this work....

Good Luck....

#15
James.Oody

James.Oody

    Member

  • Members
  • PipPip
  • 15 posts
Bobby,
Port 443 was already being forwarded by uPnP. I created another custom service for 4125. No luck. Same errors as before. Same issues.

I thank you again for plugging away.

#16
bobbyc

bobbyc

    Advanced Member

  • WGS Supporter
  • 637 posts
  • Gender:Male
  • Location:Central Pennsylvania, USA
  • Interests:Shoveling SNOW
Contributor
Did you open the NAT Filtering?

#17
James.Oody

James.Oody

    Member

  • Members
  • PipPip
  • 15 posts

Did you open the NAT Filtering?

Yes sorry. I didn't mention this because NAT was already set to open. I had some issues using a headset on xbox 360 so I changed the NAT settings some time ago.

#18
bobbyc

bobbyc

    Advanced Member

  • WGS Supporter
  • 637 posts
  • Gender:Male
  • Location:Central Pennsylvania, USA
  • Interests:Shoveling SNOW
Contributor
James,

I've been scratching my head on this one. So, I went back and read your posts again. In fact I read all the posts, and I noticed that cainmp mentioned that your router does not have the ability to perform loopback. And he suggests that this is the problem.

Do you have access to a different router that you could use for testing purposes? If you can barrow someone router, use the administration tools to backup their configuration. I use a Linksys WRT54GL with the latest version of Tomato firmware installed. The bad thing about this is it is only 54Mbps. Not sure what to tell you to consider as a choice for a router that will work. Maybe, you can ask for input in the hardware section.

Update your post so I know what the results are....

#19
James.Oody

James.Oody

    Member

  • Members
  • PipPip
  • 15 posts
Shame on me. I thought since I had a fairly new router that it couldn't be the issue. I was incorrect. Cainmp suggested it and the quote below shows that I considered it but never got around to testing it.

I'm going to try a newer router when I get home as I think you are correct about the loopback. .


I have a borrowed Linksys WRT150N running DD-WRT v24. I had to setup the port forwarding manually as WHS 2011 router setup wizard couldn't do it for me but after that it was like magic. I started the Launchpad on my computer, clicked on Remote Web Access, and it almost brought a tear to my eye. IE started, It showed https://SERVERNAME.homeserver.com in the address bar, and 5 seconds later it displayed the login page. I logged in no problem. Tested all the functionality of the server and all seemed to work. Tried to remote to the desktop from the laptop and volia, everything worked exactly like it should have. I can't thank everyone enough for your efforts on this. Now, I only have to find some custom firmware for my WNR1000 v2 or purchase a new router. Either way, issue solved and many thanks.

RESOLVED: Router was the issue (WNR1000 v2). Loopback not supported.
  • bobbyc likes this

#20
bobbyc

bobbyc

    Advanced Member

  • WGS Supporter
  • 637 posts
  • Gender:Male
  • Location:Central Pennsylvania, USA
  • Interests:Shoveling SNOW
Contributor
WOW....I bet you feel better....

If you buy a new router, consider one that is supported by one of the various Open Source Firmware upgrades available.

I looked for the "Tomato" firmware for your router and it is not supported at this time. According to documentation, they need a donor router to develope the firmware.

I run a DD-WRT Linksys and a Tomato Linksys. Personnally, I prefer the tomato firmware, but was unable to configure it as a bridge for my entertainment center. Hence the DD-WRT bridge. Occasionally, the DD-WRT router, in bridge mode, needs a reboot as it looses my network. But, the Tomato router is always rock solid and supports UPnP great.

Here is a link to Tomato compatable routers.





Also tagged with one or more of these keywords: whs 2011, launchpad, remote web access, internet explorer, microsoft

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users


Upgrade to a WGS Supporter Account to remove this ad.