• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

MS Exchange Issue

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 General] >> Server Publishing >> MS Exchange Issue Page: [1]
Login
Message << Older Topic   Newer Topic >>
MS Exchange Issue - 16.Dec.2003 4:34:00 AM   
Aubrey

 

Posts: 79
Joined: 8.Mar.2002
From: Texas
Status: offline
I know I've seen this issue before somewhere, but it's late and I can't remember for the life of me what causes this.

I have an ISA Server, 192.168.0.5. Behind it, I have a published Exchange 2003 Server, 192.168.0.1.

when I attempt to telnet to port 25 of external interface of the ISA Server which is published to the server running exchange, and then I issue the helo command, i recieve a response of:
250 blah.domain.com Hello [192.168.0.5]

which is the internal IP of the ISA Server. I am attempting this from multiple connections on the outside network and consistantly get the same response.

Email still functions properly as in receiveing and sending, but I know it's not supposed to respond this way. Anyone have any ideas on what causes this?

Thanks in advance.
Post #: 1
RE: MS Exchange Issue - 16.Dec.2003 2:28:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Aubrey,

I think that is the correct behavior.

Have you noticed something different in the past?

Thanks!
Tom

(in reply to Aubrey)
Post #: 2
RE: MS Exchange Issue - 16.Dec.2003 5:07:00 PM   
Aubrey

 

Posts: 79
Joined: 8.Mar.2002
From: Texas
Status: offline
Well, with most exchange or smtp server setups, typically the helo command returns the originator's IP address, not the IP of the ISA Server publishing the SMTP server. And, I have other setups just like this where it does function as expected.

Thanks for the reply and any other info or data you can provide.

(in reply to Aubrey)
Post #: 3
RE: MS Exchange Issue - 16.Dec.2003 7:04:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Aubrey,

My bad. I thought it was returning the address of the SMTP server that you were publishing. You are correct that this isn't right. Disable the SMTP service on the ISA firewall and see what happens.

HTH,
Tom

(in reply to Aubrey)
Post #: 4
RE: MS Exchange Issue - 16.Dec.2003 10:38:00 PM   
Aubrey

 

Posts: 79
Joined: 8.Mar.2002
From: Texas
Status: offline
Thanks again for the reply Tom,

I doublechecked, and the smtp service on the ISA Server is not enabled. Typically, I setup ISA Servers as dedicated machines, completely stripped down of everything but what is needed to be a secure firewall.

Any other thoughts?

(in reply to Aubrey)
Post #: 5
RE: MS Exchange Issue - 17.Dec.2003 2:18:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Aubrey,

OK, I checked out this and the IP address is that of client [Smile]

Moral of the story: always test from an external client!

HTH,
Tom

(in reply to Aubrey)
Post #: 6
RE: MS Exchange Issue - 17.Dec.2003 4:56:00 PM   
Aubrey

 

Posts: 79
Joined: 8.Mar.2002
From: Texas
Status: offline
Tom,
I guess I'm confused now. Why on some networks using ISA to publish an internal Microsoft Exchange server would the helo command return the external originating IP address, and on this particular one, it's returning the IP address of the ISA Server itself (internal exchange server is 192.168.0.1 and internal nic on isa is 192.168.0.5 which is the ip being returned when the helo command is issued)?

both systems have been tested from external links. Thanks for anymore thoughts.

(in reply to Aubrey)
Post #: 7
RE: MS Exchange Issue - 18.Dec.2003 3:21:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Aubrey,

What is your SMTP server's address?

Thanks!
Tom

(in reply to Aubrey)
Post #: 8
RE: MS Exchange Issue - 18.Dec.2003 4:07:00 AM   
Aubrey

 

Posts: 79
Joined: 8.Mar.2002
From: Texas
Status: offline
The internal IP of the SMTP address is 192.168.0.1. The internal IP of the ISA Server is 192.168.0.5.

Let me know if you need anymore info.

(in reply to Aubrey)
Post #: 9
RE: MS Exchange Issue - 18.Dec.2003 4:47:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Aubrey,

What I was interested in is the IP address that I can use to telnet into your server and see if the ISA firewalls external address on my site is the one that is reported when I telnet in.

Thanks!
Tom

(in reply to Aubrey)
Post #: 10
RE: MS Exchange Issue - 19.Dec.2003 12:22:00 AM   
Aubrey

 

Posts: 79
Joined: 8.Mar.2002
From: Texas
Status: offline
Ah, sorrry for the mis-understatnding Tom.

Telnet into www.aubreyrhame.com port 25. What should end up happening is that you will get a response of helo 192.168.0.5 which is my ISA Server. It won't be yours. Basically it seems like the Exchange Server thinks that the ISA Server is the one telneting into port 25 (I guess in a round about way it is). But, other setups I have return the IP Address of the person initiating the helo command and not the IP Address of my ISA Server.

For example, if you telnet into your smtp server behind your isa server from an external IP, it more than likely should return your external IP when you issue the helo command.

If you have anymore questions, please let me know.

(in reply to Aubrey)
Post #: 11
RE: MS Exchange Issue - 21.Dec.2003 4:32:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Aubrey,

Yep, that's what I'm seeing.

What happens when you telnet to mail.tacteam.net?

Thanks!
Tom

(in reply to Aubrey)
Post #: 12
RE: MS Exchange Issue - 21.Dec.2003 11:06:00 PM   
Aubrey

 

Posts: 79
Joined: 8.Mar.2002
From: Texas
Status: offline
When I telnet into port 25 of mail.tacteam.net it returns my real IP address when I issue the helo command; not the internal IP of the ISA Server.

(in reply to Aubrey)
Post #: 13
RE: MS Exchange Issue - 21.Dec.2003 11:11:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Aubrey,

did you implement http://support.microsoft.com/default.aspx?scid=kb;en-us;311777 on this ISA server?

HTH,
Stefaan

(in reply to Aubrey)
Post #: 14
RE: MS Exchange Issue - 22.Dec.2003 2:47:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Stefaan,

Interesting. I'll have to test this and see what happens.

Thanks!
Tom

(in reply to Aubrey)
Post #: 15
RE: MS Exchange Issue - 25.Dec.2003 10:36:00 AM   
Aubrey

 

Posts: 79
Joined: 8.Mar.2002
From: Texas
Status: offline
Thanks for the reply Stefaan.

I've read this article before in my search for what was going on here. But, I haven't implemented Network Load Balancing on this machine.

This setup is almost identicle to many of my other clients configurations. A dedicated ISA Server with an Exchange Server behind it.

Any other suggestions or tests that I might run?

(in reply to Aubrey)
Post #: 16
RE: MS Exchange Issue - 25.Dec.2003 9:53:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Aubrey,

KB311777 has nothing to do with Network Load Balancing as such. You can perfectly implement it on a standalone ISA server if you have a requirement for full NAT. So, check out the registry to see if the registry value UseISAAddressInPublishing is configured.

HTH,
Stefaan

(in reply to Aubrey)
Post #: 17
RE: MS Exchange Issue - 26.Dec.2003 8:12:00 AM   
Aubrey

 

Posts: 79
Joined: 8.Mar.2002
From: Texas
Status: offline
Thanks again for the reply. I went over the registry setting and I actually did have that key. I guess where my confusion now lies is, how did that key get created? This particular setup is identicle to many others that I have done and now am not sure on how this happened.

But, it seems to be functioning properly now. If anyone has any idea how that key may have been created, or if any new patches automatically create that key, please let me know.

(in reply to Aubrey)
Post #: 18
RE: MS Exchange Issue - 26.Dec.2003 9:53:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Aubrey,

good to hear you got it working and thanks for the follow up! [Smile]

As far as I know, no patch automatically create that particular registry key.

Thanks,
Stefaan

(in reply to Aubrey)
Post #: 19

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 General] >> Server Publishing >> MS Exchange Issue Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts