Re: Cannot access SMTP server published via ISA server 2004
- From: "Johan Engdahl" <johan@xxxxxxxxxxxx>
- Date: Thu, 1 Mar 2007 09:07:03 +0100
You say you have a range of IP´s to use being pointed out from your ISP
router, but as I understand it you´ve configured a publishing rule for your
SMTP server using the IP of the ISA external NIC.
Why don´t you create a listener on another IP and use that instead ?
--
----------------------------------------------------------------------------------------------------------------------------
Johan Engdahl
CCSA, CCSE, CCA, MCP | johan AT firewall1 DOT nu | http://www.firewall1.nu
"IanP" <IanP@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:E3D02D6D-7DBF-40CA-9E58-FD6A3F5DD934@xxxxxxxxxxxxxxxx
Hi,
I'm trying to resolve a situation where an Exchange server is
published (for incoming SMTP) via ISA Server 2004, but SMTP
connections from the outside world are refused. Any help would
be appreciated.
The configuration is :-
- Site has an Exchange Server (Windows 2000)
- Site has an ISA Server (2004)
- Site Internet router has a static IP range, one IP of which
is being used for ISA server.
- ISA server has a static world-visible IP address on one
Ethernet card
- ISA server has a second Ethernet card with IP address 192.168.0.1
- ISA server's external IP address is the primary MX for the domain.
- Exchange server has a single Ethernet address on 192.168.0.12
- Internet Router has a firewall hole for (ALL) allowing incoming
TCP Port 25 connections to the ISA server's external IP address
- ISA server has a rule which says "Allow protocol SMTP, from
External to Localhost"
- ISA server has a server publishing rule which says "Protocol SMTP,
from External+LocalHost to 192.168.0.12 (and the "Connections appear
to come from ISA server" option set)
This all seems correct, but when I TCP connect to the ISA Server
world-visible IP address on port 25 I get "connection refused" (A
real TCP connection refused, not a timeout) and on the ISA server
logs I see the following :-
DestinationIP Port Protocol Action Rule
Client IP SourceNetwork DestinationNetwork
exchange.server.addr 25 SMTP "Initiated Connection" "Incoming SMTP
rule" my.own.server.ip External Localhost
exchange.server.addr 25 SMTP "Closed Connection" "Incoming SMTP
rule" my.own.server.ip External Localhost
Connectivity from the ISA server to the Exchange server seems fine,
from the ISA server I can telnet port 25 on the Exchange server and
see the SMTP banner. Connectivity from the Exchange server to the ISA
server and the outside world also seems fine.
I've tried deleting and re-creating all of the rules, I've restarted
all services (and even restarted all of the involved machines and the
router), but I still see the same problem.
Any ideas or suggestions would be very welcome!
Thanks
.
- Prev by Date: Re: Cannot access SMTP server published via ISA server 2004
- Next by Date: Re: Cannot access SMTP server published via ISA server 2004
- Previous by thread: Re: Cannot access SMTP server published via ISA server 2004
- Next by thread: Re: Cannot access SMTP server published via ISA server 2004
- Index(es):
Relevant Pages
|
