Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
POP3 for internal clients to internal POP3 server
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
POP3 for internal clients to internal POP3 server - 16.Jul.2007 9:00:14 AM
|
|
|
paul_psmith
Posts: 53
Joined: 2.Nov.2006
Status: offline
|
Hey.
ISA 2006 E in Europe office. Internal IPs are 10.0.0.0 subnets. DMZ interface 192.168.0.0 subnets. ISA has one foot in internal and one in DMZ.
POP3/SMTP servers are Ex2003 with FE/BE configuration.
I have POP3 users who want to use it internally as well as externally. I want to use the same DNS names I use for external and internal OWA services. I can get OWA working externally/internally through the ISA server, but i can't get POP3 working internally. it works externally, though.
Any suggestions on how to get ISA to pass POP3 from internal clients to the internal POP3 server?
Thanks
PS
|
|
|
|
|
RE: POP3 for internal clients to internal POP3 server - 19.Jul.2007 2:37:01 PM
|
|
|
paul_psmith
Posts: 53
Joined: 2.Nov.2006
Status: offline
|
Tom,
The user is not making direct connections to the pop3 server when they are on the wan. We have a lot of users who bounce from outside to inside and due to the way the clients and servers were set up, they decided to use the same fqdn for owa and pop3.
So a pop3 user on the outside uses the same name to access pop as an outside owa user.
When the pop users come inside, they can't get mail because the fqdn on the inside points to the inside interface of the ISA server. OWA can work like this, but I can't seem to get pop to work like this.
Fortunatly it's just pop3 port 110. smtp inbound is a different name.
Thanks
PS
|
|
|
|
|
RE: POP3 for internal clients to internal POP3 server - 23.Jul.2007 9:07:37 PM
|
|
|
tshinder
Posts: 47420
Joined: 10.Jan.2001
From: Texas
Status: online
|
Hi Paul,
No problem! That's how it should be set up. All you need to do is create a split DNS. Will take less then five minutes.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: POP3 for internal clients to internal POP3 server - 24.Jul.2007 9:21:44 AM
|
|
|
paul_psmith
Posts: 53
Joined: 2.Nov.2006
Status: offline
|
Already have a split DNS.
OWA site internally resolves to the inside interface on the ISA servers. Outside OWA resolves to the internet IP on the PIX then is NAT'ed to the DMZ interface on the ISA.
So all OWA traffic goes to the ISA servers, whether it's internal or external.
I want POP3 to do the same. All Exchange traffice will be routed to the ISA server for processing first, wheter it's internal or external.
I have OWA working on the inside interface of the ISA server. The requests come from the users and appear on the inside interface of the ISA server. ISA processes the request and sends it back out the inside interface to teh Ex FE servers.
But POP3 does not want do this for some reason.
Thanks!!
PS
|
|
|
|
|
RE: POP3 for internal clients to internal POP3 server - 24.Jul.2007 10:43:39 AM
|
|
|
tshinder
Posts: 47420
Joined: 10.Jan.2001
From: Texas
Status: online
|
Change the DNS resource record for the POP3 server to be the internal address of the POP3 server on the network. You can't bounce off the ISA Firewall for non-Web protocols unless you have the Firewall client installed on the clients, and even then, it's a hit or miss situation.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: POP3 for internal clients to internal POP3 server - 24.Jul.2007 10:51:16 AM
|
|
|
paul_psmith
Posts: 53
Joined: 2.Nov.2006
Status: offline
|
Ouch.
Both owa and pop use the same fqdn but different ports obviously.
That means I need to change all my pop3 clients to go to a new fqdn, or tell all the owa users to go to a different one.
Trying to get them all converted to RPC/HTTPS anyway. Maybe this will speed up the process. Still have some legacy clients, though.
Thanks!!
PS
|
|
|
|
|
RE: POP3 for internal clients to internal POP3 server - 25.Jul.2007 9:45:58 AM
|
|
|
tshinder
Posts: 47420
Joined: 10.Jan.2001
From: Texas
Status: online
|
Hi Paul,
Sorry I couldn't give you better news. Yes, in order for the split DNS to work in this scenario is to have different host names for the POP3 and OWA servers, even if they are the same machine on the internal network.
Get RPC/HTTP running first, then you'll have fewer clients that you'll need to reconfigure after making the DNS changes.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
