Welcome to ISAserver.org

The Mystery of the failing POP3 Access with ISA 2000

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2000 Firewall] >> Firewall Client >> The Mystery of the failing POP3 Access with ISA 2000

Page: [1] 2 next > >>

Message

<< Older Topic Newer Topic >>

The Mystery of the failing POP3 Access with ISA 2000 - 16.May2005 4:48:00 PM

spouseele

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline

This thread is for the article The Mystery of the failing POP3 Access with ISA 2000.

Thanks,
Stefaan

[ May 16, 2005, 05:03 PM: Message edited by: spouseele ]

Post #: 1

Featured Links*

RE: The Mystery of the failing POP3 Access with ISA 2000 - 16.May2005 5:44:00 PM

Adzenloom

Posts: 4
Joined: 15.Jan.2005
From: Chicago area
Status: offline

Nice - very nice. Well done.

Simple question: Do same reg keys work for ISA-04??

I have a similar issue (at least it has the earmarks) - different client, different host, different service. However, same behavior, same symptoms, same environment - a LOT of hits on a few servers. It seems easy enough to try the hack and see if it resolves my issue.

Thanks

(in reply to spouseele)

Post #: 2

RE: The Mystery of the failing POP3 Access with ISA 2000 - 16.May2005 6:04:00 PM

spouseele

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline

Hi Adzenloom,

I ran the same tests on an ISA 2004 in a lab environment. As far as I can tell, ISA 2004 does *not* have the same behaviour.

HTH,
Stefaan

(in reply to spouseele)

Post #: 3

RE: The Mystery of the failing POP3 Access with ISA 2000 - 16.May2005 7:22:00 PM

tshinder

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Stefaan,

Great article!

Thanks!
Tom

(in reply to spouseele)

Post #: 4

RE: The Mystery of the failing POP3 Access with ISA 2000 - 16.May2005 8:23:00 PM

spouseele

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline

Hi Tom,

Thanks! It was really fun to discover that unexpected behaviour and find out it may explain the age-old POP3 issue.

Stefaan

(in reply to spouseele)

Post #: 5

RE: The Mystery of the failing POP3 Access with ISA 2000 - 17.May2005 8:49:00 AM

AHIT

Posts: 1561
Joined: 22.Jul.2002
From: Sydney, Australia
Status: offline

A truly brilliant and informative article.
Whilst never being plagued with this problem myself as I've only ever installed ISA in sites that either a) Run their own "internal" mail-server or b) ran a relatively small number of internal clients.
This does however clear up a number of posts/questions I've seen over the years.
Cheers to you! [Big Grin]

Thanks Stefaan

(in reply to spouseele)

Post #: 6

RE: The Mystery of the failing POP3 Access with ISA 2000 - 18.May2005 4:02:00 AM

msabene

Posts: 22
Joined: 11.Jul.2003
From: USA
Status: offline

Greetings to all:
Great article. Congratulations. I had a similar problem a few months ago with a network I inherited as administrator. The internal clients were addressing the POP3 server with the public name and complained of several timeout problems. I changed the configuration and have them address the mail server with its internal FQDN and never got a timeout again. Are both things related?
Regards,
Marco.

(in reply to spouseele)

Post #: 7

RE: The Mystery of the failing POP3 Access with ISA 2000 - 18.May2005 2:18:00 PM

spouseele

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline

Hi Ahit,

thanks for the complements! [Smile]

Stefaan

(in reply to spouseele)

Post #: 8

RE: The Mystery of the failing POP3 Access with ISA 2000 - 18.May2005 2:21:00 PM

spouseele

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline

Hi Marco,

no, it's not the same. You should never access from an internal host the published instance of a internal service. In other words, never loopback through the ISA external interface. For more info, check out http://www.isaserver.org/articles/14120_Errors_Discussion_and_Solution.html .

HTH,
Stefaan

[ May 19, 2005, 02:16 PM: Message edited by: spouseele ]

(in reply to spouseele)

Post #: 9

RE: The Mystery of the failing POP3 Access with ISA 2000 - 1.Jun.2005 7:21:00 AM

Elizabeth

Posts: 53
Joined: 16.Apr.2001
From: Belo Horizonte, Minas Gerais, Brasil
Status: offline

Hi,

I have this problem after install ISA 2004.
Users cannot access mail only from Outlook Express.

I don�t know to solve this problem.

Thank you

Elizabeth [Confused]

(in reply to spouseele)

Post #: 10

RE: The Mystery of the failing POP3 Access with ISA 2000 - 1.Jun.2005 2:32:00 PM

spouseele

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline

Hi Elizabeth,

this article applies *only* to ISA 2000. So, I suggest you start a new topic for your specific problem.

Thanks,
Stefaan

(in reply to spouseele)

Post #: 11

RE: The Mystery of the failing POP3 Access with ISA 2000 - 25.Jul.2005 1:06:00 PM

LuizEduardo

Posts: 1
Joined: 25.Jul.2005
From: Spo Paulo - Brasil
Status: offline

quote:
Originally posted by spouseele:
This thread is for the article The Mystery of the failing POP3 Access with ISA 2000.

Thanks,
Stefaan

Hello

I have one ISA2000 (running Firewall and Cache and one DMZ (where is located the mail server)) over Win2000Server, and made the registry modification cited in the article "The mystery of the failing POP...", however, exactly thus, intermittently, we continue with POP connection problems. We perceive that some times, beyond the POP connections problem, the Cache service it also unavailable.
Some times we need to restart the Windows 2000 SRV - for not being possible to restart ISA services. When we make this, all return to works fine, as nothing had been happened and does not have nothing stranger in logs and the event logs.

Any aid will be welcome.

Regards

(in reply to spouseele)

Post #: 12

RE: The Mystery of the failing POP3 Access with ISA 2000 - 25.Jul.2005 3:54:00 PM

spouseele

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline

Hi Luiz,

are the internal clients configured as Firewall or SecureNAT clients? Remember that the issue described in my article happens *only* with Firewall clients, *not* SecureNAT clients.

HTH,
Stefaan

(in reply to spouseele)

Post #: 13

RE: The Mystery of the failing POP3 Access with ISA 2000 - 31.Jul.2005 7:53:00 AM

CeYHuN

Posts: 10
Joined: 26.Feb.2004
From: Turkey
Status: offline

Hi..
I am using 2003 serv / isa 2000
When clients try to use outlook connection lost and give a warning "isa server inaccessible"

when I looked registry at HKLM\System\CurrentControlSet\Services\FwSrv\Parameters
I saw only installroot reg_sz..
I did your suggestion but still cant solve this..

Please help me its very big problem.. My company cant live without mail.

(in reply to spouseele)

Post #: 14

RE: The Mystery of the failing POP3 Access with ISA 2000 - 1.Aug.2005 4:35:00 AM

CeYHuN

Posts: 10
Joined: 26.Feb.2004
From: Turkey
Status: offline

will I Re-install isa 2000 ?

(in reply to spouseele)

Post #: 15

RE: The Mystery of the failing POP3 Access with ISA 2000 - 1.Aug.2005 2:51:00 PM

spouseele

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline

Hi CeYHuN,

did you first verify that your issue is indeed what is described in my article? Can you proof it with a netmon trace?

Also, if the regkey isn't there, create it and if it is the same issue, the problem should be solved. Of course, don't forget to restart the Firewall service. [Wink]

HTH,
Stefaan

[ August 01, 2005, 02:51 PM: Message edited by: spouseele ]

(in reply to spouseele)

Post #: 16

RE: The Mystery of the failing POP3 Access with ISA 2000 - 30.Aug.2005 7:24:00 PM

Guest

I have only 6 clients accessing external POP3 server, and timeout happen (wait for 60 secs) in about 15% of tryouts.

But this error always happen when message have attachment (even small .txt file with smaller than 1K).

I have tried adding this key to reguistry, but it doesn't solved problem.

Anyone have clue what might happen?

(in reply to spouseele)

Post #: 17

RE: The Mystery of the failing POP3 Access with ISA 2000 - 1.Sep.2005 2:31:00 PM

spouseele

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline

Hi bola,

according to your information, it doesn't sound to be the same problem as described in my article. Can you provide us a NetMon trace on the ISA internal and external interface of such an incident?

HTH,
Stefaan

(in reply to spouseele)

Post #: 18

RE: The Mystery of the failing POP3 Access with ISA 2000 - 14.Sep.2005 6:01:00 AM

vikrant1971

Posts: 25
Joined: 24.Jun.2002
Status: offline

Hi ,

I am having problem in routing POP3 access through the ISA server (2000).Few dayz back this was working. Firewall clients could directly access their external POP3 servers and check their mails.
I checked the article published by you and modified the keys.Thanks a ton and really appriciate for publishing such a detailed troubleshhoting article.
However I am able to to check mails using HTTP server like hotmail.

How do I make this to work again?

--
Regards and Thanks

Vik.

(in reply to spouseele)

Post #: 19

RE: The Mystery of the failing POP3 Access with ISA 2000 - 14.Sep.2005 3:45:00 PM

spouseele

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline

Hi Vik,

if it worked before, then something must have changed. The first thing to check out is the ISA Firewall log. What's that telling you? Make sure you have enabled the logging of all fields to get the most out of it.

HTH,
Stefaan

(in reply to spouseele)

Post #: 20