Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
SMTP Publishing is not working
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
SMTP Publishing is not working - 18.Apr.2006 5:47:34 PM
|
|
|
ewilson
Posts: 23
Joined: 17.Apr.2006
From: Chicago north suburbs
Status: offline
|
I have the seemingly common problem of being unable to reach my mail server through ISA.
The SMTP traffic reaches ISA on the expected IP, but is denied by ISA with the default rule, stating "Policy Rules Denied"
1)The mail server is on an internal network, and published to an IP in the "External" network. I get the same result when trying to use the mail server publishing wizard or the server publishing wizard
2)The IP that ISA is supposed to be listening on is not defined in any network in ISA (hence it is part of the "External" network) It is assigned to ISA's external NIC.
3)Running netstat -an on the ISA server shows me that there is NO LISTENER FOR PORT 25 on the external IP. This is likely the problem, but how do I fix it? I have re run that wizard 100 times and 10 different ways without getting a listener showing on port 25. This happens on two separate ISA servers with the latest service pack. I am at a total loss here.
4) Running FWENGMON /C, I'm sure ISA is not listening at all. I really don't understand what is being displayed here, but I know enough to know that what I am looking for is missing:
Creation Objects:
ID Protocol Source Destination One-Shot
-- -------- ------ ----------- --------
3 TCP(6) 0.0.0.0:0 192.168.44.130:1745 No
5 TCP(6) 0.0.0.0:0 192.168.44.130:8080 No
2 TCP(6) 0.0.0.0:0 192.168.44.194:1745 No
6 TCP(6) 0.0.0.0:0 192.168.44.194:8080 No
1 TCP(6) 0.0.0.0:0 192.168.44.226:1745 No
4 TCP(6) 0.0.0.0:0 192.168.44.226:8080 No
74 TCP(6) 192.168.44.131:0 192.168.44.227:1025 No
I assume I should see my "Public" IP (the External address I specified in the publishing rule) (192.168.151.x) in this list, but I don't. I also don't see the internal IP of my mail server (192.168.44.231)
Anyone have any ideas?
Thanks
< Message edited by ewilson -- 18.Apr.2006 9:31:50 PM >
|
|
|
|
|
RE: SMTP Publishing is not working - 19.Apr.2006 1:29:45 AM
|
|
|
ewilson
Posts: 23
Joined: 17.Apr.2006
From: Chicago north suburbs
Status: offline
|
My issue is now solved, after a couple hours with MS PSS.
My ISA firewall protects 3 "internal" networks. The mail server is on one, for the sake of example let's call this network "private1"
I have two more custom named internal networks, let's call them "private2" and "private3".
Now, server publishing rules depend on the built-in Internet Access network rule (or I suppose a custom network rule which serves the same purpose), which sepcifies a NAT relationship between THE (built in) Internal Network (and a couple others by default), and THE (built in) External Network.
In my case, becuase I had named my internal networks "private1","2" and "3," I needed to modify the default Internet Access network rule to include those custom networks in the "From" sources. As soon as we added "private1" (the network containing the Mail server) to the "From" sources in this network rule, SMTP traffic was able to pass through ISA to the mail server.
So, think of the internet access rule , and the NAT relationship it provides between your internal networks and anything external as facilitators for server publishing. On the flip side of my issue, if you have an external network or network rule element defined for network that is external to ISA, you would need to add them to the "To" destinations in the internet access network rule, because they are no longer part of THE (built in) External Network.
HTH
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
