My broblem is with outlook express. I have a DNS with a forwarder to my ISP. My clients are running as secureNAT clients. When i want to send or receive mail with outlook it doesnt work. when i nslookup my isp's pop3 and smtp i get the correct reply.Ive tried to use the ip's of the pop and smtp insted of using the FQDN and it still doesnt work. If i install the firewall client i can successfully send and receive mail. Why does it work with the firewall client and can it work when the clients are securenat clients? Please help.
No i dont see the request in the firewall log. The Packet Filter log gives me the following when i want to send or receive mail: param#1 param#2 filter-rule tcp 3557 135 blocket icmp 8 0 blocket any idea why?
I also dont need authentication in my site and content or protocol rule. If this is a DNS error what do you guys think is the problem? When i try to send or receive mail i get host could not be found error. I found this on isaserver site and it doesnt help:
I can't connect to my POP3 Server, or use RealAudio or mIRC The most common reason for these problems is that there is not Protocol Rule in place that allows access to these protocols. However, there have been a number of reports of POP3 access problems existing when a Protocol Rule has been defined and there are no other explanations. When this is the case, uninstalling and reinstalling ISA Server fixes the problem.
Yes, nslookup is working fine from the securenat client and its dns is pointing to my internal dns that has a forwader to isp. is this a common problem that i have here with outlook or it just me? Why do i get the icmp 8 0 block tho when ever i want to send or receive mail?thx for the replies sofar.
OK, if you can resolve FQDN's then why do you *not* see the requests in the Firewall log? Is the client correctly setted up as a SecureNAT client? That means that his default gateway should point to the ISA internal interface.
Also, have you already checked the ISA interface settings? So, correct adapter order, no default gateway on ISA internal interface, etc...?
BTW --- I never have had problems with SecureNAt clients!
i connected to irc quickly and in the firewall log i can see the connection i just made. But webpages i access shows up in the packet filter log. Is this wrong? yep my default gateway is pointing to the internal adapter of isa on securenat client.
What are the details of the 'icmp 8 0'? Is is outbound or inbound? What is the source address?
Regardless if the pop or smtp server is trying to ping you, you should see the pop or smtp request in the Firewall log! Are you sure you don't see them? Keep in mind that it can take some time before the entries are effectively written to the log files.
Im going to have a look at the link soon ive read up on smtp and pop but its mainly about exchange. They talking that exchange needs port 135 to comunicate and uses ports from 5000 65535 to pass through the firewall does this make eny sense? In my Packet Filter log ive seen this port being blocked and allowed. Ive created a protocol rule to allow the port + secondary 5000 - 65535 inbound but still no luck. Im prob just way off the mark.Thanks for help sofar will check ure link quick.Thanks.