Domain controller has two nics. One for external connection and one for internal connection. Domain controller is also loaded with ISA. My second exchange box has address of 192.162.200.7 which I got while creating ISA server.

My exchange box as well as domain controller can connect to internet. No prob.

I have my dns2go client is loaded at domain controller. And my internal DNS service is also running there. I have created MX record there and said that my mail server is exchange1. Also there is host record of exchange1. I can send mail outside but I cannot receive it...

Any help would be highly appreciated.

If you have Exchange and a DC on the same box, you've got a relatively complex setup. It will work, but you have to cross T's and I's perfectly. I don't know how dns2go works, but I have a similar configuration working with TZO.

Here's a quick tip: make sure you disabling socket pooling for all the services running on the ISA Server, and make sure the DNS server listens only on the internal interface of the ISA Server.

HTH,
Tom

------------------
http://www.isaserver.org/shinder/

Get It Here!

2. What do you mean by DNS server listens only on internal interface ? How do I do this ? Any web site address or your small notes would be highly appreciable.

B. Are you hosting a TLD (Top Level Domain, such as www.mydomain.com) or a subdomain (such as mydomain.dns2go.com)?

C. Have you checked your logs to see if SMTP (port 25) traffic is being dropped, or just not showing up at all?

D. Have you actually "published" the exchange server (see learning zone for articles)?

I have the same setup, but both servers are DCs and I am using Exchange 2K with no problems hosting mail (except when the outside ISA NIC was using DHCP from RoadRunner) and I use TZO to host my TLD.

------------------
Regards,

clutch

Web server stalled, and wound up with a double post.

/Edit

[This message has been edited by clutch (edited 15 January 2002).]

1. Yes people can ping outside. Like himal.dns2go.com

2. Its the sub domain under dns2go.

3. For publishing, do you know which articles you are pointing to ?

4. Are your win2k domain controller and exhange 2000 server are same box or different box ? And is ISA installed in win2K domain controller ?

4. Yes, I have 2 servers, both of which are AD DCs (you should *always* have a minimum of 2 DCs for replication of the AD and DNS databases). One is running ISA server, and the other is running Exchange 2000, SQL 2000, and IIS with a couple of published websites and an FTP site. Oh, and it hosts Terminal Services and my TZO client for me as well.

------------------
Regards,

clutch

------------------
Regards,

clutch

===========================================

This is an automatically generated Delivery Status Notification.

Delivery to the following recipients failed.

Administrator@himal.dns2go.com

Reporting-MTA: dns;hotmail.com
Received-From-MTA: dns;mail.hotmail.com
Arrival-Date: Mon, 14 Jan 2002 20:54:21 -0800

Final-Recipient: rfc822;Administrator@himal.dns2go.com
Action: failed
Status: 5.7.1
Diagnostic-Code: smtp;550 5.7.1 Unable to relay for
Administrator@himal.dns2go.com

=============================================

Any idea clutch ?

go to recipient policy and configure default policy.

see http://www.lochihang.dynamic-site.net/setup1.bmp

configure Email Address and smtp to recieve your dns2go domain rather than Win2K dns domain.

see http://www.lochihang.dynamic-site.net/setup2.bmp

Try it!

Also, when I was asking about your logs, I am asking for your "Packet Filter" log from your ISA box. Do you have that enabled?

------------------
Regards,

clutch

BUT, BUT....

If I put my domain controller and Exchange in one box (absolutely one box) - I can get and send mail to my @himal.dns2go.com domain - no problem.

The problem only happens when I make exchange as my seperate server.

My domain controller is one server. And my exchange is another box. Its advance server. The IP of exchange is that assigned by or wihtin the perimeter of second nic of ISA server, that is 192.168....range.

When I last spoke with dns2go guy, he told me that the message is deliverable to only exact server - that is the server where himal.dns2go.com is hosting. But, once I use DNS of my own for internal_name_space (like my exchange box's dns address is : exchange1.himal.dns2go.com) - then my domain controller box which is jovan.himal.dns2go.com should able to route the mail to my exchange box - THAT IS WHAT IS NOT HAPPENING...??

#Software: Microsoft(R) Internet Security and Acceleration Server 2000
#Version: 1.0
#Date: 2002-01-08 03:59:14
#Fields: date time source-ip destination-ip protocol param#1 param#2 filter-rule interface
2002-01-08 03:59:14 10.128.1.98 207.68.172.254 Tcp 3201 80 BLOCKED 10.128.1.98
2002-01-08 03:59:20 10.128.1.98 207.68.172.254 Tcp 3201 80 BLOCKED 10.128.1.98
2002-01-08 04:02:13 10.128.1.98 207.68.172.254 Tcp 3219 80 BLOCKED 10.128.1.98
2002-01-08 04:02:19 10.128.1.98 207.68.172.254 Tcp 3219 80 BLOCKED 10.128.1.98
2002-01-08 04:04:25 12.23.132.20 10.128.1.98 Tcp 80 3314 BLOCKED 10.128.1.98
2002-01-08 04:04:25 12.23.132.20 10.128.1.98 Tcp 80 3313 BLOCKED 10.128.1.98
2002-01-08 04:04:28 12.23.132.20 10.128.1.98 Tcp 80 3314 BLOCKED 10.128.1.98
2002-01-08 04:04:28 12.23.132.20 10.128.1.98 Tcp 80 3313 BLOCKED 10.128.1.98
2002-01-08 04:04:31 10.128.1.98 192.223.181.135 Tcp 3417 80 BLOCKED 10.128.1.98
2002-01-08 04:04:34 12.23.132.20 10.128.1.98 Tcp 80 3314 BLOCKED 10.128.1.98
2002-01-08 04:04:34 12.23.132.20 10.128.1.98 Tcp 80 3313 BLOCKED 10.128.1.98
2002-01-08 04:04:40 10.128.1.98 207.68.172.254 Tcp 3421 80 BLOCKED 10.128.1.98
2002-01-08 04:04:44 12.23.132.20 10.128.1.98 Tcp 80 3314 BLOCKED 10.128.1.98
2002-01-08 04:04:44 12.23.132.20 10.128.1.98 Tcp 80 3313 BLOCKED 10.128.1.98
2002-01-08 04:04:46 10.128.1.98 207.68.172.254 Tcp 3421 80 BLOCKED 10.128.1.98
2002-01-08 04:04:54 12.23.132.20 10.128.1.98 Tcp 80 3314 BLOCKED 10.128.1.98
2002-01-08 04:04:54 12.23.132.20 10.128.1.98 Tcp 80 3313 BLOCKED 10.128.1.98
2002-01-08 04:05:01 10.128.1.98 207.68.173.253 Tcp 3422 80 BLOCKED 10.128.1.98
2002-01-08 04:05:04 12.23.132.20 10.128.1.98 Tcp 80 3314 BLOCKED 10.128.1.98
2002-01-08 04:05:04 12.23.132.20 10.128.1.98 Tcp 80 3313 BLOCKED 10.128.1.98
2002-01-08 04:05:07 10.128.1.98 207.68.173.253 Tcp 3422 80 BLOCKED 10.128.1.98
2002-01-08 04:05:14 12.23.132.20 10.128.1.98 Tcp 80 3314 BLOCKED 10.128.1.98
2002-01-08 04:05:14 12.23.132.20 10.128.1.98 Tcp 80 3313 BLOCKED 10.128.1.98
2002-01-08 04:05:20 10.128.1.98 207.46.189.15 Tcp 3358 80 BLOCKED 10.128.1.98
2002-01-08 04:05:22 10.128.1.98 207.68.173.254 Tcp 3425 80 BLOCKED 10.128.1.98
2002-01-08 04:05:24 12.23.132.20 10.128.1.98 Tcp 80 3314 BLOCKED 10.128.1.98
2002-01-08 04:05:24 12.23.132.20 10.128.1.98 Tcp 80 3313 BLOCKED 10.128.1.98
2002-01-08 04:05:28 10.128.1.98 207.68.173.254 Tcp 3425 80 BLOCKED 10.128.1.98
2002-01-08 04:05:43 10.128.1.98 207.68.171.253 Tcp 3426 80 BLOCKED 10.128.1.98
2002-01-08 04:05:49 10.128.1.98 207.68.171.253 Tcp 3426 80 BLOCKED 10.128.1.98
2002-01-08 04:06:04 10.128.1.98 207.68.171.254 Tcp 3427 80 BLOCKED 10.128.1.98
2002-01-08 04:06:10 10.128.1.98 207.68.171.254 Tcp 3427 80 BLOCKED 10.128.1.98
2002-01-08 04:06:31 10.128.1.98 207.68.172.254 Tcp 3431 80 BLOCKED 10.128.1.98
2002-01-08 04:06:37 10.128.1.98 207.68.172.254 Tcp 3431 80 BLOCKED 10.128.1.98
2002-01-08 04:06:55 10.128.1.98 207.68.172.254 Tcp 3434 80 BLOCKED 10.128.1.98
2002-01-08 04:07:01 10.128.1.98 207.68.172.254 Tcp 3434 80 BLOCKED 10.128.1.98
2002-01-08 04:07:16 10.128.1.98 207.68.173.253 Tcp 3435 80 BLOCKED 10.128.1.98
2002-01-08 04:07:22 10.128.1.98 207.68.173.253 Tcp 3435 80 BLOCKED 10.128.1.98

------------------
Regards,

clutch

I haven't tried ISA also in the same box. It will make a hell lot of complex.

So, what I wanted to do is Domain controller and ISA in one box and Exchange in another box.

I have published with secure mail rule the mail server and IP address all says about internal NICs.

Help me - please ??

Check out www.isaserver.org/shinder for some tips on configuring your domain controller to run ISA. More later on putting Exchange on the same server (BTW - it will work!).

HTH,
Tom

------------------
Dr. H.
------------------
http://www.isaserver.org/shinder/

Get It Here!

BTW, I got the reply...

------------------
Regards,

clutch

I told several times, that if I put everything in one box, it works fine - WITHOUT ISA - haven't tried putting ISA in the same box...I got your mail and I replied back also. The server has everything on it...like win2k doamin controller, exchange 2000 and dns2go client everything in one box..that is working..

I'm not concern with that..

My concern is when I put win2k domain controller and ISA in one server and Exchange in another server, then it does not work...this is where I need help...

------------------
Regards,

clutch

Yes, I have one IP, one MX record and one line.

My private address is 10.128.1.98. This is mapped one to one to my internet address

Now I build one domain controller with two nics on it..and used above address to external nic and internal nic has 192.168.200.2 address. Everythig is pingable.

While installing ISA - I defined range of addresses which will go thru ISA server. One of them is 192.168.200.7 - this address I have used in my another box - which is advance server and exchange is installed on it...gateway is pointed to ISA server internal nic

I can browse the internet. I can send the mail but I cannnot receive it...

Is that packet filter log is correct or not correct.

Forget about "other" or "second" exchange server. Now the MX record is pointed to the internet as himal.dns2go.com

And for internal process, I created MX record in my DNS server as exchange1.himal.dns2go.com so that mail will be routed to my exchange1 box.

Hope you understand now. I have only one exchange server behind the ISA server.