Cannot send mail from DMZ to Internal Mail Server (Full Version)

All Forums >> [ISA Server 2000 Firewall] >> DMZ



Message

argyp -> Cannot send mail from DMZ to Internal Mail Server (19.Aug.2003 4:36:00 AM)

I am running a DMZ with the following config

External IP 210.23.138.218
subnet 255.255.255.252
Gateway 210.23.138.217
DNS 210.23.129.34

DMZ IP 210.23.138.226
Subnet 255.255.255.248
Gateway - blank

Internal IP 192.168.1.2
subnet 255.255.255.0
Gateway - blank
DNS 192.168.1.6

I have recently upgraded a server in the DMZ with the IP 210.23.138.225 to Windows 2003 Server Web Edition.

This server has the following setup
210.23.138.225
Subnet 255.255.255.248
Gateway 210.23.138.226
DNS - 210.23.129.35

I have created HTTP and SMTP filters on
the ISA Server for the DMZ.

I have HTTP access, but cannot get the SMTP to work correctly. I have tried to telnet external mailservers and this is okay, but I cannot telnet our mailserver on 192.168.1.2

This used to work prior to installing Windows 2003 Web Edition on the DMZ server.

I need to be able to send mail from the DMZ server to my mail server for web forms.

Any ideas would be welcome.



spouseele -> RE: Cannot send mail from DMZ to Internal Mail Server (19.Aug.2003 11:15:00 PM)

Hi Argy,

you need to server publish the internal mail server on the DMZ interface IP address.

HTH,
Stefaan



argyp -> RE: Cannot send mail from DMZ to Internal Mail Server (20.Aug.2003 2:42:00 AM)

Hi Stefaan,

This has already been done.

I have mapped a publishing rule from the internal mail server being 192.168.1.6 to the DMZ external IP of the ISA machine being 210.23.138.226.

As mentioned earlier, this problem only occured after loading Windows 2003 Web Edition on my Web Server in the DMZ??



spouseele -> RE: Cannot send mail from DMZ to Internal Mail Server (20.Aug.2003 8:22:00 PM)

Hi Argy,

OK! In your first post you said "but I cannot telnet our mailserver on 192.168.1.2". You should telnet to 210.23.138.226 (this is the IP address where the internal mail server is published on) using TCP port 25, not the internal IP address.

HTH,
Stefaan



Page: [1]