All PCs in our LAN have installed MS Firewall Client in order to access Internet via MS ISA Server.I have created a rule to enable SMTP,POP3 and DNS Query protocol for any MS Firewall Client. I added an email account in Outlook Express of a client PC. I am sure that the pop3 and smtp host domain is no problem.
But when I checked that inbox, OE told me that it couldn't find pop3 and smtp host! I didn't set any DNS Server for this client as I think Firewall Client would forward this DNS Query to MS ISA Server while ISA Server could do this.
Posts: 4
Joined: 10.Feb.2002
From: St. Louis, MO.
Status: offline
I cannot get Outlook 2000 or Outlook EXP to connect to POP3 or NNTP servers. I can resolve the ip's for the servers but cannot connect to check email. Hotmail connections within OLEXP works fine. I have POP3, SMTP, and NNTP filters allowing access and My protocal rule allows all IP traffic. MSN instant messanger and other apps work fine, my internal computers are Firewall clients. What's wrong with POP3 and NNTP?
some questions: - have you already checked your FWlogs? - are the request ever hitting the ISA? - what are the FQDN's of the pop3, smtp and nntp servers you want to contact?
Posts: 4
Joined: 10.Feb.2002
From: St. Louis, MO.
Status: offline
quote:Originally posted by spouseele: Hi,
some questions: - have you already checked your FWlogs? - are the request ever hitting the ISA? - what are the FQDN's of the pop3, smtp and nntp servers you want to contact?
Give us as much info as possible...
Regards, Stefaan
Ok I checked my logs and none of them list a single entry for ports 110 or 119. Does that mean that the requests are not hitting the ISA server? My clients are Fire Wall Clients and MSN Instant Messenger connects fine so I know those are being sent to the server. I have a SecureNAT client running Linux and have the same result if I try to make Fetchmail go to the POP3 server.
the FQDN's of my servers are: mail.directvinternet.com, smtp.directvinternet.com, and news.directvinternet.com. My SMTP is working fine the Linux box is sending out and the logs show that port 25 is getting positive responces for connections out, I'm not allowing anything in just yet.
the FQDN's seems to be OK (they resolve from the outside). If the Linux as SecureNAT client can do SMTP, does it also works for POP3 and NNTP?
A big difference between SecureNAT and FWclient is that for SecureNAT the client does the DNS resolving. Normally, the ISA is doing DNS resolving on behalf of the FWclient. So, could you check in the FWlog if you see from the FWclients an entry with the operation = GHBN (Get Host By Name). Normally this should be followed with a operation = connect if the FWclient is authorized. If that's not happening, what if you fill in on the FWclients the DNS servers as used by the SecureNAT clients?
Posts: 4
Joined: 10.Feb.2002
From: St. Louis, MO.
Status: offline
quote:Originally posted by spouseele: Hi,
the FQDN's seems to be OK (they resolve from the outside). If the Linux as SecureNAT client can do SMTP, does it also works for POP3 and NNTP?
A big difference between SecureNAT and FWclient is that for SecureNAT the client does the DNS resolving. Normally, the ISA is doing DNS resolving on behalf of the FWclient. So, could you check in the FWlog if you see from the FWclients an entry with the operation = GHBN (Get Host By Name). Normally this should be followed with a operation = connect if the FWclient is authorized. If that's not happening, what if you fill in on the FWclients the DNS servers as used by the SecureNAT clients?
Greetings, Stefaan
The Linux box can't connect to the POP3 server (mail.directvinternet.com) I haven't tried NNTP on that box. My Linux Box uses my internal DNS server for name resolution, I can us NSLOOKUP on my XP workstation and get the IP address' for the servers. I have also tried using the IP address for the POP3 server instead of FQDN that dosen't work either.
My only guess is that the ISA server is blocking 110 & 119 for some reason or the clients aren't going through the ISA server. Neither of those possibilities make sense to me, all other apps work fine & i'm allowing all internal clients access to all protocals and all destinations.
but... if ISA server is blocking 110 & 119 for some reason you should find a trace of that in the logfiles! However if you find nothing in the logfiles, it is likely that the clients aren't going through the ISA server. Then you should first double check your internal routing.
RE: OE can't find smtp and pop3 host! - 26.Feb.2002 12:25:00 AM
Guest
i have a isa server and behind one client...just for testing around with networking. i installed isa in the integrated mode, set site and content rules to allow every site and the protocol rule to allow every ip-traffic. besides i installed the firewall client on my second pc.
anyway, i couldnt send or receive any mails over my isp-account(swissonline) but over hotmail everything worked fine. although i had not any problem besides sending mail(http,https,ftp,icq,games...), till i forced oe in the settings of an account to use "lan" (cause i got cable)...and now it works at least on my client.... the use of oe on the isa-server itself is another history i could not yet achieve to resolve it.....
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Printable Version
All Forums >> [ISA Server 2000 Firewall] >> General >> OE can't find smtp and pop3 host! 
OE can't find smtp and pop3 host! - 
![[Smile]](/image/smiles/smile.gif)
RE: OE can't find smtp and pop3 host! - 
RE: OE can't find smtp and pop3 host! - ![[Frown]](/image/smiles/frown.gif)
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread