I have switched our email to external pop accounts and now I have to restart ISA server twice a day. I have read this article:http://www.isaserver.org/articles/ISA2000_POP3Access.html, but, this uses the firewall client, which I am not using. Here is my set up: dsl modem--> netopia router with secureNAT turned on --> Windows2003 server/ISA 2000 server --> clients.
This setup was working fine until I started using an offsite vendor for our email. IT looks like the polling nature of POP is just making an existing problem worse. I am thinking of replacing the netopia with a plain netgear router/firewall and turning off the secureNAT. We don't need it, it was there when I started working here. Any suggestions. My clients are not too happy :-).
Hi, Thanks so much for replying to my post. 1. at the time the POP3 access is failing, is there anything reported in the ISA logs and/or the Windows event log? <-- nothing in the ISA log (which I had to turn on) and nothing in the Window event log. 2. do you really need to restart the ISA server or only the Firewall service? <-- I have been restarting the ISA service. When I click on restart it asks me if I want to restart the firewall service as well. 3. when you place a workstation on the same segment as the ISA external interface, do you see the same problems? <-- I have not tryed that. I should have now that you say it. When we have the problem, we restart the ISA service to get everyone back up and running. I will try that. 4. do you run the latest ISA 2000 service packs (FP1 + SP2)? <-- How do you check if you have FP1? Do you have a link where I can download it? 5. to exclude any client program failure, can you reproduce the problem with the simple command file mentioned in my article The Mystery of the failing POP3 Access with ISA 2000 ? <-- when the problem is happening, yes. --- Begin --- echo off :Start netsh diag connect iphost FQDN 110 GOTO Start --- End ---
6. There is something that is interesting about this env. I'm new here. The clients are not running the firewall client, and they are not running the secureNAT. But the cheap looking Netopia router is set to SecureNAT. I was going to swap out the netopia for netgear to see if the problem may be between the Win2k server and the Netopia router. When I restart the ISA service, that of course, releases any port issues between the external interface and the netopia, and it flushes the client connections on the internal interface. So with the replacement router I was going to not turn on secureNAT. There is no reason for it in this shop since I just moved our DNS record (MX record and all) and our website to an external vendor, Network Solutions.
clients are not running the firewall client, and they are not running the secureNAT.
Please post the result of the following commands *unmodified*: - ipconfig /all on ISA - route print on ISA - ipconfig /all on an internal workstation (POP3 client) - route print on an internal workstation (POP3 client)
Note: if you like to keep the above info private, send me a private message with that information.
< Message edited by spouseele -- 19.Aug.2007 6:34:57 AM >