http://www.ISAserver.org If the server is in the DMZ, using a public IP address with a subset of the assigned block of Public IP addresses you have from your ISP, that server in the DMZ will be seen with its assigned IP address. Servers on the LAN or on a private IP based DMZ will be seen with the default public IP address of ISA. The absolute best resource is Dr. Tom's book, ISA server and Beyond. There is a lot of information in there about DMZ zones. For now, I am going to sleep. 19 hours is enough. John Tolmachoff Engineer/Consultant/Owner eServices For You -----Original Message----- From: Risun Antony [mailto:risuna@xxxxxxxxxxxxx] Sent: Tuesday, December 30, 2003 12:53 AM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Publishing SMTP servers on the internal network. Hi John There you go John, can i have more guidelines on this? Could you point to some articles or How-to-do's on this. Really appreciate the help. By the way, just for knowledges sake, Suppose i have only a single Mail server to be published. >From what i understand the outbound messages will leave using the Default IP of the ISA server. In this scenario, an outbound message, which is destined to a mail server that requests that the source IP should resolve, will it not fail???? Thanks again all. Risun Antony Technical Support Engineer Oriensoft Technologies Pvt. Ltd. Tel: +91-22-56975275 Fax: +91-22-56976764 _____ From: John Tolmachoff (Lists) Sent: Tue 12/30/2003 1:48 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Publishing SMTP servers on the internal network. http://www.ISAserver.org Now I understand. Yes, in that case, you would put them in the DMZ with the DMZ configured with public IP addresses. Then you use rules instead of publishing. By using rules, they use their IP address. John Tolmachoff Engineer/Consultant/Owner eServices For You -----Original Message----- From: Risun Antony [mailto:risuna@xxxxxxxxxxxxx] Sent: Tuesday, December 30, 2003 12:06 AM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Publishing SMTP servers on the internal network. http://www.ISAserver.org Hi All Thanks for the resonse and do appreciate your concern John. We are a hosting company and have 10 or so Mail Servers that are already on the internet. What i am trying to do is to give it some protection if possible, by bringing it behind a firewall, and publishing the same. And yes i am aware of the fact that i cannot have multiple SMTP servers using a single IP. All my SMTP servers and Web servers have their own Public IP addresses. Even though i have separate IP addresses for my Mail Servers, I wont be able to publish my SMTP servers because ISA uses its default IP address for outbound messages and doesnot use the IP address that i bind it to. Yes, Jim i get the idea that this is by design. I was wondering how would publishing my SMTP servers work if i would keep them in the DMZ zone?!?! I guess it would again use the default IP address on that interface, right? As you said "By default, all traffic leaving a Windows server leaves on the default IP" thats what i can expect. Thanx for the reply again. Risun Antony Technical Support Engineer Oriensoft Technologies Pvt. Ltd. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: risuna@xxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: johnlist@xxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')