I am running a single SBS 2003 SP2 server with Exchange 2003 using a single nic with a self-certified SSL certificate. I recently upgraded to a Draytek Vigor 2820Vn router as firewall and DHCP server. I don't think it has a bearing on this issue but the ISP is Sky (Residential), hence the Annex A firmware installed as shown below:
Firmware;
Vigor2820Vn
Firmware Version : 3.3.5.2_232201
Build Date/Time : Apr 7 2011 18:10:43
ADSL Firmware Version : 232201_A Hardware: Annex A
However, I am having a lot of problems with OWA, RWW, VPN access and general certificate issues related to the above. It seemed to be OK until a server power cut last night, although it was complaining a little about certificates before then. But now no-one has OWA, RWW or Outlok over HTTP access:
1) LAN and remote users cannot access Outlook over HTTP . On opening Outlook they receive the error 'There is a problem with the proxy servers security certificate. The security certificate is not from a trusted certifying authority'. The error code reported is 18.
2) Remote users trying to use either OWA or RWW receive a 'Certificate Invalid' error. When I view the certificate I notice that it is now 'Issued To' and 'Issued By' Vigor Router. I can't understand this. The FQDN of the self-certified certificate configured in SBS is mail.mydomain.com. I have checked the DNS and this is still configured as an A record pointing to the WAN IP address. Installing this router certificate doesn't prevent a 404 Not Found error.
3) Remote users can connect by VPN, but this is extremely unreliable and seems to depend on whether there are other users currently connected. This router should easily allow the 4 or 5 remote users I have simultaneous VPN access. Also, it can connect from one remote client successfully and shortly after fail with the same settings.
I have re-run both the CEICW and Remote Access To Do items in SBS without any success. I have also recreated the certificate in SBS (with the same name). I don't understand why the browser cannot seem to connect with the SBS self-certified certificate and how the router seems to be attempting to provide one when I have not configured it to provide any certificate management features. Do I need to import this self-certified certificate into the 2820? I've tried this several times using various methods without success. The import procedure returns a 'Fail. Maybe the format is wrong' error.
Any suggestions gratefully received.
