
Welcome to ISAserver.org


Exchange Publishing

Exchange Publishing - 20.May2005 2:59:00 PM   
adisegna

 

Posts: 49
Joined: 26.Mar.2005
From: Palm Beach Gardens Florida
Status: offline
I am trying to publish my Internal Exchange server with ISA 2004.

I set up a publishing rule according to the documentation. The rule is not catching the traffic for some reason and it is being passed to the default DENY rule. The log shows deny for every packet hitting the External interface with a destination port of 25, instead of forwarding it to Exchange to handle.

Now the real story. I have a static translation on my PIX that says anything addressed to the public IP used for mail forward to the internal network IP of the Exchange server. I had to change this to point to the external interface of the ISA server. So now it says anything addressed to the public IP translate to the External interface of the ISA server. Is the traffic being denied because traffic is being forced to External? I thought the ISA Publishing rule would take anything addressed to External with a destination port of 25 and forward it to my Exchange server?

Current network looks like this:

PIX Outside interface is a public IP
PIX Inside is 192.168.1.1 /30
ISA External is 192.168.1.2 /30
ISA Internal is 172.16.0.0

I also thought I had a routing problem on the PIX but the packets are bouncing off the External interface of the ISA server.

The network used to look like this
PIX Outside interface is a public IP
PIX Inside is 172.16.0.$ (corp. network)

I am trying the parallel PIX ISA server thing until I am comfortable with ISA 2004's abilities.

Any ideas?

Thanks
Post #: 1
RE: Exchange Publishing - 21.May2005 4:14:00 PM   
adisegna

 

Posts: 49
Joined: 26.Mar.2005
From: Palm Beach Gardens Florida
Status: offline
I finally have the PIX configured and forwarding correctly.

I created a firewall policy using "Publish a Mail Server" wizard

The ISA 2004 is denying the traffic....

The Headers of my log:
Action, Client IP, Source Net, Source Port, Destination IP, Destination Net, Destination Port, Protocol, Rule

The data which matches the header in order:
Denied connection, public IPs, External, upper port range (ex. 2949), 172.16.0.254 - my exchange server, Internal, 25, SMTP, the rule is blank (why is that?).

I hope this makes sense.

I also get an alert "Server Publishing Failure": there was no valid listener.

Thanks

(in reply to adisegna)
Post #: 2
RE: Exchange Publishing - 22.May2005 8:52:00 AM   
adisegna

 

Posts: 49
Joined: 26.Mar.2005
From: Palm Beach Gardens Florida
Status: offline
Yes, I am answering my own questions on this thread.. Funny how sleep helps.

I realize the reason ISA is denying the connections is because the SMTP publishing rule expects connections from SMTP to SMTP. From port 25 to port 25. It appears that external mail servers are sending mail from unprivileged ports. I tested this by sending mail from my gmail account. Has anyone seen this??

Thanks

(in reply to adisegna)
Post #: 3
RE: Exchange Publishing - 22.May2005 10:06:00 AM   
LLigetfa

 

Posts: 2187
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
Have you tried running a sniffer trace to confirm your theory?
Have you tried to telnet to port 25 as a test?
Have you confirmed that no AV soft is blocking port 25?

(in reply to adisegna)
Post #: 4
RE: Exchange Publishing - 23.May2005 11:29:00 AM   
adisegna

 

Posts: 49
Joined: 26.Mar.2005
From: Palm Beach Gardens Florida
Status: offline
Ethereal installed on ISA confirms this. Here is the capture.

Source: 64.233.170.195 (64.233.170.195)
Destination: 172.16.0.254 (172.16.0.254)
Transmission Control Protocol, Src Port: 12212 (12212), Dst Port: smtp (25), Seq: 0, Ack: 0, Len: 0
Source port: 12212 (12212)
Destination port: smtp (25)

ISA is blocking the packet. Symantec Corporate Virus protection only (not the firewall client) is installed on ISA and Exchange. Exchange can receive email no problem when I route packets directly to the exchange server. This demonstrates that AV is not the problem because the same version is installed on both servers. The variable is ISA 2004 and the fact that mail servers are sending mail from unprivileged source ports. It's like the webservers are sending mail through proxies.

Any ideas?

(in reply to adisegna)
Post #: 5
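
The telnet-to-port-25 test suggested in post #4, as an added example that is not from any poster in this thread: a Python probe that connects to an SMTP port, reads the greeting, and reports the TCP source port the operating system chose for the connection, next to the source port the listener recorded. A constructed loopback listener stands in for the mail server so the script runs offline; the function names and the stub banner are assumptions made for the example.

```python
import socket
import threading

STUB_BANNER = b"220 stub.example ESMTP (constructed test listener)\r\n"

def start_stub_smtp():
    """Loopback listener that greets like an SMTP server (constructed stand-in).
    Returns (port, seen): seen collects each peer's source port, the value a
    firewall log would show in its Source Port column."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))      # port 0: OS picks a free port (stand-in for 25)
    srv.listen(1)
    port, seen = srv.getsockname()[1], []

    def serve():
        conn, peer = srv.accept()
        with conn:
            seen.append(peer[1])    # record before greeting the client
            conn.sendall(STUB_BANNER)
            conn.recv(1024)         # wait for QUIT
            conn.sendall(b"221 bye\r\n")
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port, seen

def probe_smtp(host, port=25, timeout=5.0):
    """Same check as `telnet host 25`: connect, read the greeting, send QUIT."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        src_port = s.getsockname()[1]   # chosen by the OS, not by the mail software
        data = b""
        while b"\n" not in data:        # read one full greeting line
            chunk = s.recv(1024)
            if not chunk:
                break
            data += chunk
        s.sendall(b"QUIT\r\n")
        s.recv(1024)
    greeting = data.decode("ascii", "replace").strip()
    return {"src_port": src_port, "dst_port": port,
            "greeting": greeting, "smtp_ready": greeting.startswith("220")}

def demo():
    port, seen = start_stub_smtp()
    result = probe_smtp("127.0.0.1", port)
    result["listener_saw_src_port"] = seen[0]
    return result

if __name__ == "__main__":
    print(demo())
```

Pointed at a real host with `probe_smtp("mail.example.test", 25)` (placeholder name), a timeout or refused connection means the port is not reachable from where the probe runs, while a `220` greeting means the path to the SMTP service is open.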
