Hello. I purchased Server Essentials 2016 despite it being half way to EOL because I am new to setting up servers and need to set one up for my job. We have a total of 7 employees in the company, so no IT department, but we need the ability to share files and provide SFTP functionality to external clients. I decided it would be best to use the last version that fully supported the simplified setup, hence 2016.
I do not have a static IP address and planed on using the dynamic DNS service to get around that. As I understand it, I shouldn't need a static IP to provide VPN and remote access, but a lot of the documents and forums seem to expect a static IP is in use. We are not all connected to the same router, so it requires actual external access. Is a static IP actually required for this? I also tried to setup 192.168.0.2 to always point to the server using both TCP/IP properties in the OS and using the router. The router refused to accept the setting with a cryptic error, and Windows accepted the setting but when I looked at it it said it was reserved and inactive. So I have nothing in place at the moment to ensure the server is always the same.
I have been trying to get the OS installed for a month now and continue to have issues. Big hiccup was caused by the remote access site being offline at Microsoft. They corrected that error in May 2022 so I reinstalled the OS from scratch. This time the Anywhere Access wizard made it all the way through the setup but fails in the verification step with the error Please check inbound connectivity on port 443 and 80.
The router I'm using is an Arris SBG6580 home model which is at 192.168.0.1, and the server is (currently via DHCP) at 192.168.0.2. For the server at 192.168.0.2, Advanced Port Scanner shows both port 80 and 443 active. Complete list:
Service Details
HTTP IIS Windows Server (Microsoft IIS httpd 10.0)
Port 53 (TCP) Microsoft DNS
Port 80 (TCP) Microsoft IIS httpd 10.0
Port 88 (TCP) Microsoft Windows Kerberos server time: 2022-06-03 13:04:40Z
Port 135 (TCP) Microsoft Windows RPC
Port 139 (TCP) Microsoft Windows netbios-ssn
Port 389 (TCP) ldap
Port 443 (TCP) Tunnel is TLSv1: Microsoft IIS httpd 10.0
Port 445 (TCP) Microsoft Windows Server 2008 R2 - 2012 microsoft-ds workgroup: BMXDOMAIN
Port 464 (TCP) [nothing listed in details column]
Port 593 (TCP) Microsoft Windows RPC over HTTP 1.0
Port 636 (TCP) Tunnel is TLSv1: ldap
However, Advanced Port Scanner shows the router itself (192.168.0.1) only has port 80 open. So I'm thinking I should be seeing 443 here too and that's the error reported by Anywhere Access wizard.
My ISP is Spotlight and I did find a reference in some of their documentation that they reserve 443 for their diagnostic server which I suspect is actually there to prevent home accounts from being used to host a server. Does that sound right? Is there anything else I can do to get around this? Seems I'm so close but most documentation I find is for regular server and all the various services and tools are overwhelming so I'm fairly stuck.
Any suggestions would be greatly, greatly appreciated.
Thanks!