Re: ISA 2000 POP3 Issue

The strange thing is I can telnet to multiple POP servers from the server and
one workstation on the network, but not from any other ones. I checked the
config of that one workstation and it is identical to the other systems. We
are using multiple versions of Outlook, but the oldest version is Outlook
2000. I tried the logs and they really are hard to dicypher. I have tried
installing the Firewall client on several workstations and that didn't help
either. At this point I am on the verge of moving to a new server, dropping
SBS 2000 / ISA all together, and getting a Sonic Wall of something.

Does anyone have any other ideas why this issue would be so random? Thanks
for all the help so far.

Bob


"Phillip Windell" wrote:

The speed of the line doesn't eliminate the MTU as being the problem.
I agree the MTU may not be the problem, but in any case, the line speed
isn't relevant.

How about telneting to a diffrernet POP3 & SMTP server elsewhere and see if
it connects?

It is also important to know if the user is using Outlook or Outlook Express
(or some other). With ISA2004/6 Outlook by default does not use the
Firewall Service, meaning it has to use the SecureNAT,..meaning that the
Rules have to be anonymous. If the Rules require authentication it will
fail. I don't know if the same condition exists with Outlook -vs- ISA2000.
It's been a long time since I messed with ISA2000 and I don't remember my
way around it that well anymore.

The best information is in the ISA logs,..unfortunately with ISA2000 it is
cumbersome to seach those logs. The world is a much friendlier place with
ISA2004/6.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------


"Bob Randall" <BobRandall@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:7BD48600-2497-474B-905B-08A66A8060D9@xxxxxxxxxxxxxxxx
The Internet connection is via 1mb cable connection, so I don't think it
is a
MTU issue. The POP3 access has been working for many months prior to this
problem, and I just can't figure out what the issue is.
Bob

"Sebastian Mancini" wrote:

Hi Bob,

Please, give up more detail about your scenario. May you have a MTU issue
(Maximun Transmition Unit). If your ISP connection is ADSL you have to
configure the MTU size because it run with the Point To Point over
Ethernet
protocol and the fragmentation of packages is less than 1500. so please
give
more detail about the ISP connection.

Usually this kind of issue with POP3 is related with MTU size.

Thank you :)

Regards

Sebastian.

"Bob Randall" wrote:

It turns out there are a few clients that have the Firewall client
installed,
but not everyone. Also, I can now access POP3 from the server and one
of the
clients, but not at any of the others. I checked their settings and
compared
them and there really is no difference. Why would ISA block some of
them and
not all of them? If I bypass ISA completely and go directly to the
ISP's
router, I can get straight to POP3 with no problem, so it isnt anything
external to ISA causing the problem.

HELP!

"Bob Randall" wrote:

I do not have the Firewall client on the workstations, so I don't
think this
applies. Do you have any suggestions to reconfigure POP3 on this
system,
different protocol definitions, etc? I am new to ISA 2000, so I am
kind of
flying blind here ....

Bob

"Shijaz Abdulla" wrote:

Have you seen this?
The Mystery of the Failing POP3 Access with ISA 2000
http://www.isaserver.org/articles/ISA2000_POP3Access.html

http://forums.isaserver.org/m_70201700/mpage_2/key_/tm.htm#2002051644

--
Shijaz Abdulla
MVP, MCSE:Security
www.shijaz.com

This post is provided ''as is'' and confers no rights. Views
expressed are
my own, and not those of anyone associated with me.


"Bob Randall" wrote:

Hello everyone -

I stepped in to help a friend with his small business network and
they are
running SBS 2000 with ISA 2000 configured as their firewall, etc
.... They
are no longer running Exchange server internally, and they moved
to use
externally hosted POP3 mail from another provider. The tech who
switched them
from Exchange to external POP3 did not remove Exchange completely
from the
system (which you may not be able to with SBS 2000 anyways), but
he did set
them up with this external POP3 mail.

They have been using this external POP3 mail for about 6 months
with no
issues at all. Yesterday he called me and asked if I could help
them get
their POP3 mail back. For some reason they are no longer able to
download
their POP3 mail from the externally hosted mail provider via port
110. When I
try and telnet to their external server, I get this error:
"Connecting To
abc.com ...Could not open a connection to host on port 110 :
Connect failed".
It seems to me that something changed internally that is blocking
them from
hitting Port 110 externally for POP3 mail. I am not familiar with
ISA server,
but I checked the system and I see these things:

- There is a Protocol Rule called POP3 that is set for Array,
Action -
Allow, Protocol - POP3, Applies to Any Request - Always.
- There is a Protocol Definition called POP3, Port 110 TCP,
Outbound, that
is set up

What am I missing here? Could ISA 2000 be blocking them now from
accessing
POP3 externally? What can I do to fix this issue?

Any help is greatly appreciated!

Bob




.

Relevant Pages

  • Re: Update Ex2003 auf 2007 - ?
    ... POP3 kommt mit einer Fehlermeldung, OWA wird entweder vom 2003 auf den 2007 weitergeleitet, ins Internet aber ohne Linkübersetzung; bzw unerlaubter Zugriff. ... Wie ist der ISA konfiguriert? ... Dazu mußt Du dann den 2007er Server veröffentlichen. ... IMAP Fehlermeldung (POP3 analog): ...
    (microsoft.public.de.exchange)
  • Re: Update Ex2003 auf 2007 - ?
    ... POP3 kommt mit einer Fehlermeldung, OWA wird entweder vom 2003 auf den 2007 weitergeleitet, ins Internet aber ohne Linkübersetzung; bzw unerlaubter Zugriff. ... Wie ist der ISA konfiguriert? ... Dazu mußt Du dann den 2007er Server veröffentlichen. ... IMAP Fehlermeldung (POP3 analog): ...
    (microsoft.public.de.exchange)
  • Re: ISA 2000 POP3 Issue
    ... The speed of the line doesn't eliminate the MTU as being the problem. ... Understanding the ISA 2004 Access Rule Processing ... Usually this kind of issue with POP3 is related with MTU size. ... externally hosted POP3 mail from another provider. ...
    (microsoft.public.isa.configuration)
  • Re: Help for ISA Server 2004 SE using POP3/SMTP
    ... Are you wanting to collect POP3 mail with the POP ... connector on the server and send it to your users Exchange mailbox or are ... If you run the CEICW wizzard and supply the correct answers ISA will be ...
    (microsoft.public.windows.server.sbs)
  • pop3 publishing ISA 2004
    ... I'm trying to publish smtp and pop3 through isa. ... publishing rules smtp or pop3 work properly. ... the smtp portion by configuring smtp virtual server on isa then ...
    (microsoft.public.isa)