• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

SMTP via FWC Problem

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Firewall] >> Firewall Client >> SMTP via FWC Problem Page: [1]
Login
Message << Older Topic   Newer Topic >>
SMTP via FWC Problem - 18.Jul.2002 12:10:00 PM   
SanMan

 

Posts: 50
Joined: 23.Feb.2001
From: ZA
Status: offline
Hi All...
Problem - internal clients cannot access external smtp servers using the FWC. Using SecureNAT this works fine. What could the problem be ?

LogFile
10.0.0.16 TheUserN telnet.exe:3:5.0 2002-07-18 10:07:20 TheISASRV1 - MailSRVIPAddi 25 - - - 25 TCP Connect 0 42 184
10.0.0.16 TheUserN telnet.exe:3:5.0 2002-07-18 10:07:20 TheISASRV1 - MailSRVIPAddi 25 - - - 25 TCP Connect 0 42 184

Protocol rules are enabled to allow external access to all users wanting to use SMTP outbound this does not work. WHY ???

Thanks
SM
Post #: 1
RE: SMTP via FWC Problem - 22.Jul.2002 2:18:00 AM   
SanMan

 

Posts: 50
Joined: 23.Feb.2001
From: ZA
Status: offline
Any ideas from anyone ???

(in reply to SanMan)
Post #: 2
RE: SMTP via FWC Problem - 24.Jul.2002 6:51:00 AM   
SanMan

 

Posts: 50
Joined: 23.Feb.2001
From: ZA
Status: offline
So I guess that nobody know anything about the Firewall Client and setting up user authorisation.

(in reply to SanMan)
Post #: 3
RE: SMTP via FWC Problem - 24.Jul.2002 7:44:00 AM   
SanMan

 

Posts: 50
Joined: 23.Feb.2001
From: ZA
Status: offline
Now we are getting somewhere... I ran the Ethereal Proggie in order to find out what packets are being sent where details are as follows...
Client message: Hello
Server message: Hello Acknowledge
Client message: Hello
Server message: User Info Acknowledge
Client message: Resolve
Server message: Resolve Acknowlegde
Client message: Connect
Server message: Connect Acknowledge
Client message: User Info Acknowledge

Drilling down till the last comment before the error ...

MS Proxy Protocol
Client ID : 0x1587644
Version : 0x30100
Server ID : 0x37c11500
Server ack : 1
Sequence Number : 2
RWSP Signature : RWSP
Command : 0x400 (User Info Acknowledge)
Unhandled request command (report this, please)

Does anyone know why this happens ??? SPOUSEELE ???

Many Thanks

(in reply to SanMan)
Post #: 4
RE: SMTP via FWC Problem - 25.Jul.2002 12:19:00 AM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi SanMan,

you got my attention! [Big Grin]

It seems you have read my article about the FWC. Thanks! Don't bother about the 'Unhandled request command (report this, please)' in the Ethereal trace. It's a failure in the MS Proxy protocol decoder of Ethereal itself! [Razz]

In the Ethereal trace the RWSP sequence seems to be OK. After the 'Server message: Connect Acknowledge' do you see the client setting up a TCP connection? You should!

In the logfile, is the Result code (field sc-status) = 0? It's hard to tell because it seems you have not enable ISA to log all fields or you have not posted the whole line.

HTH,
Stefaan

(in reply to SanMan)
Post #: 5
RE: SMTP via FWC Problem - 25.Jul.2002 10:38:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hey guys,

Sounds like the external mail server is not responding. Run a NetMon on the external interface of the ISA Server.

Also, turn on Rule#1 and Rule#1 in the log files.

HTH,
Tom

(in reply to SanMan)
Post #: 6
RE: SMTP via FWC Problem - 29.Jul.2002 1:17:00 AM   
SanMan

 

Posts: 50
Joined: 23.Feb.2001
From: ZA
Status: offline
Hi Tom and Stefaan,

Well I have the enabled full logging now and details are listed from the server -

10.100.100.100 SanMan01 telnet.exe:3:5.0 N 2002-07-28 22:47:40 fwsrv ISAServer1 - smtp.xtra.co.nz 203.96.92.131 - - - - - - GHBN - - - 0 - - Allow rule 5211 0
10.100.100.100 SanMan01 telnet.exe:3:5.0 N 2002-07-28 22:47:41 fwsrv ISAServer1 - - 203.96.92.131 25 - - - 25 TCP Connect - - - 0 - SMTP Access Users Allow rule 5211 81408
10.100.100.100 SanMan01 telnet.exe:3:5.0 N 2002-07-28 22:47:41 fwsrv ISAServer1 - - 203.96.92.131 25 40 - - 25 TCP Connect - - - 0 - SMTP Access Users Allow rule 5211 81408

When I disable the firewall client and connect to the same remote mail server this is done successfully... strange though that in the FWC logs the following is discovered -

10.100.100.100 - - N 2002-07-28 23:02:49 fwsrv ISAServer1 - - 203.96.92.131 25 40 - - 25 TCP Connect - - - 0 - SMTP Access Users Allow rule 5228 81546

The group SMTP Access Users is set to allow any request outbound... no security, but I have disabled my firewall client so why is it logged in the FWC logs ???

Here are the IP Log entries -

2002-07-28 23:19:07 203.96.92.131 10.100.200.200 Tcp 25 63312 PSH ACK ALLOWED 10.100.200.200 45 00 00 74 31 85 40 00 3d 06 77 93 cb 60 5c 83 ca 25 a2 62 00 19 f7 50 ea 0c 07 6a bc cf 59 b4 50 18 60 f4 5b b6 00 00
2002-07-28 23:19:07 10.100.200.200 203.96.92.131 Tcp 63312 25 ACK ALLOWED 10.100.200.200 45 00 00 28 44 a9 40 00 80 06 00 00 ca 25 a2 62 cb 60 5c 83 f7 50 00 19 bc cf 59 b4 ea 0c 07 b6 50 10 44 24 d7 93 00 00

Please contact me should you require any further details... many thanks

SanMan

(in reply to SanMan)
Post #: 7
RE: SMTP via FWC Problem - 29.Jul.2002 10:18:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi SanMan,

according to your logs, the SMTP connection is allowed and seems to succeed (result code = 0). Because you didn't show the close of the connection, I can't determine if there was effectively data exchanged.

BTW --- all Firewall and SecureNAT request are logged in the Firewall log! [Big Grin]

HTH,
Stefaan

(in reply to SanMan)
Post #: 8
RE: SMTP via FWC Problem - 30.Jul.2002 1:05:00 AM   
SanMan

 

Posts: 50
Joined: 23.Feb.2001
From: ZA
Status: offline
Stefaan,
That all that the log shows, there is no end of connection... only those three entrys... what happens on the client screen is shown below :

H:\>telnet smtp.xtra.co.nz 25
Connecting To smtp.xtra.co.nz...Could not open a connection to host on port 25 :
Connect failed

Thats is... weird :/

Rgds
San

(in reply to SanMan)
Post #: 9
RE: SMTP via FWC Problem - 30.Jul.2002 4:50:00 AM   
SanMan

 

Posts: 50
Joined: 23.Feb.2001
From: ZA
Status: offline
OK it has been fixed... apparantly there seems to be a problem with the authentication mechanism. A package called Webfldrs was installed on the server and this could have modified the winmgmt and msinfo files which in turn caused UserEnv 1000 error in the application log. I applied to MS for a hofix and this resolved my problem, here is the KB article Q285192.
Many Thanks for all the ideas guys.
San

(in reply to SanMan)
Post #: 10
RE: SMTP via FWC Problem - 30.Jul.2002 1:09:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi SanMan,

good to hear you got it working and thanks for the follow up! [Smile]

Thanks,
Stefaan

(in reply to SanMan)
Post #: 11
RE: SMTP via FWC Problem - 31.Jul.2002 7:20:00 AM   
SanMan

 

Posts: 50
Joined: 23.Feb.2001
From: ZA
Status: offline
Hi All,

SP3 for Windows 2000 has been release and contains this fix... so if you apply it it should fix the problem... not too sure whether it will break anything else [Razz] But let me know if it does.

Rgds
San

(in reply to SanMan)
Post #: 12

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Firewall] >> Firewall Client >> SMTP via FWC Problem Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts