"Nigel.UK." <Nige***@discussions.microsoft.com> wrote in message
news:82638A77-095E-4AE4-A5CF-E1A71C5E242A@microsoft.com...
>I am running wsbs2003sp1 on one machine and w2003sp1 and iis on my web
> server. My website is visible on the www but clients cannot open pdf
> documents, which i can open in my own browser.
> apparently ipnat.sys is running on the wsbs machine and windows firewall
> on
> the web server. I have tried opening various ports on the web server and
> on
> the dsl router. Please advise me how to safely allow anonymous internet
> browsers to open / download documents from links on my website.
>
> thanks

"Dave" wrote:

> if the website is visible on the internet side of the router then you have
> the right ports open... for a normal site that means only port 80 and only
> to the web server machine.
>
> the question is, what is the difference between the pages the outside world
> can open and the pdf's they can't open.  i am assuming that since you
> mention fileshares in the subject and included the sbs machine in the
> configuration in question that the pdf files are in a shared directory on
> the sbs machine.  the most likely problem in this case is that the anonymous
> internet account does not have access to the share on the sbs machine.  when
> you are accessing the pdf's locally you are using your local login
> credentials which most likely do have access to the files in the share.  if
> these are correct assumptions you have basically 2 options.  you could give
> the anonymous internet account read access to the share, or you could copy
> the documents you want outside users to see to somewhere on the web server
> that they already have access to.  i prefer the second method, keep
> anonymous users confined to the web server as much as possible.  this
> normally means making a copy of what you want to expose and keeping the
> original safely tucked away somewhere else.
>
>
> "Nigel.UK." <Nige***@discussions.microsoft.com> wrote in message
> news:82638A77-095E-4AE4-A5CF-E1A71C5E242A@microsoft.com...
> >I am running wsbs2003sp1 on one machine and w2003sp1 and iis on my web
> > server. My website is visible on the www but clients cannot open pdf
> > documents, which i can open in my own browser.
> > apparently ipnat.sys is running on the wsbs machine and windows firewall
> > on
> > the web server. I have tried opening various ports on the web server and
> > on
> > the dsl router. Please advise me how to safely allow anonymous internet
> > browsers to open / download documents from links on my website.
> >
> > thanks
>
>
>

"Nigel.UK." <Nige***@discussions.microsoft.com> wrote in message
news:4BABFD6C-68DB-4331-8962-C090A05088B7@microsoft.com...
> thanks Dave, however the files and folder ARE on the web server, not the
> sbs
> machine. they are in a subfolder of inetpub. the website is
> www.band.uk.net
> and I have tried manually setting permissions to the folder for that
> machine
> internet guest account and anonymous web user. I have also included on the
> site a link to a pdf that i downloaded from elsewhere. is there a conflict
> between ipnat.sys on sbs and windows firewall on the web server or is the
> sbs
> machine irrelevant?
> should the website be sharepoint? It is not a "company" site but is
> intended
> to be public
>
>
> regards
> nigel
>
> "Dave" wrote:
>
>> if the website is visible on the internet side of the router then you
>> have
>> the right ports open... for a normal site that means only port 80 and
>> only
>> to the web server machine.
>>
>> the question is, what is the difference between the pages the outside
>> world
>> can open and the pdf's they can't open.  i am assuming that since you
>> mention fileshares in the subject and included the sbs machine in the
>> configuration in question that the pdf files are in a shared directory on
>> the sbs machine.  the most likely problem in this case is that the
>> anonymous
>> internet account does not have access to the share on the sbs machine.
>> when
>> you are accessing the pdf's locally you are using your local login
>> credentials which most likely do have access to the files in the share.
>> if
>> these are correct assumptions you have basically 2 options.  you could
>> give
>> the anonymous internet account read access to the share, or you could
>> copy
>> the documents you want outside users to see to somewhere on the web
>> server
>> that they already have access to.  i prefer the second method, keep
>> anonymous users confined to the web server as much as possible.  this
>> normally means making a copy of what you want to expose and keeping the
>> original safely tucked away somewhere else.
>>
>>
>> "Nigel.UK." <Nige***@discussions.microsoft.com> wrote in message
>> news:82638A77-095E-4AE4-A5CF-E1A71C5E242A@microsoft.com...
>> >I am running wsbs2003sp1 on one machine and w2003sp1 and iis on my web
>> > server. My website is visible on the www but clients cannot open pdf
>> > documents, which i can open in my own browser.
>> > apparently ipnat.sys is running on the wsbs machine and windows
>> > firewall
>> > on
>> > the web server. I have tried opening various ports on the web server
>> > and
>> > on
>> > the dsl router. Please advise me how to safely allow anonymous internet
>> > browsers to open / download documents from links on my website.
>> >
>> > thanks
>>
>>
>>