RE: client behind ISA access to remote Exchange behind another ISA using MAPI
- From: "Steve Moffat" <steve@xxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 7 Mar 2003 14:47:53 -0400
Hi John,
Have you tried it from in front of your ISA server to rule out a problem at the
server end?
HTH
Steve
From:Thomas W Shinder
Sent:Fri 07/03/2003 11:53 AM
To:[ISAserver.org Discussion List]
Subject:[isalist] RE: client behind ISA access to remote Exchange behind
another ISA using MAPI
http://www.ISAserver.org
Hi John,
Do you have any Outlook clients without service packs installed? It
would be interesting to test the clients without the service packs.
Also, have you installed Feature Pack 1 on the ISA Server? How are you
allowing outbound access to the external Exchange Server without the RPC
filter included in the feature pack? Are you using the Firewall client
to support the secondary connections?
Thanks!
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: Jun [mailto:jun@xxxxxxxxxxxxx]
Sent: Friday, March 07, 2003 9:48 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: client behind ISA access to remote Exchange
behind another ISA using MAPI
http://www.ISAserver.org
Hi, Tom & John T.:
That's why I ask, I can't find any hints either on your books or on
microsoft website. I can't do fully testing since
the outsourced Exchange is not under my control. I am using Outlook
2002(Outlook XP) with SP2, no Outlook 2000 SP2. I
don't know much difference between them.
I agree with you and John T. But this decision was made by the finacial
manager. I've told them if ISA would open all
the ports above 1024, why need firewall? I did lots of testing(even wide
open ISA), but no luck to make the MAPI works
through the two ISAs belong to different company(that's why VPN is out
of consideration). It's nuts because Exchange is
not designed to use that way and I bet 99% user will not use Exchage
like that. Sigh, in this bad economy, the next I
would conside is my job security. :(
BTW, the provider is: www.apptix.com. I will continue to do the testing
accordingl to the registry tricks of Q articles
provided by you guys and update this once I found something.
Thanks for all the information given, that's really help!
Best regards,
John Huang
System Administrator
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Thursday, March 06, 2003 8:20 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: client behind ISA access to remote Exchange
behind another ISA using MAPI
http://www.ISAserver.org
Hi John,
Hmmm. I didn't think about this Exchange Server being off site. I
thought that he was saying the Exchange Server was on
site and that they were trying to use Exchange RPC publishing rules, but
Outlook 2000 SP2 broke the Exchange RPC
publishing rule.
Its an interesting question and one I haven't researched -- whether
Feature Pack 1 will allow Outlook 2000 SP2 clients
to access external Exchange servers with no problems.
Thanks!
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: John Tolmachoff [mailto:isalist@xxxxxxxxxxxx]
Sent: Wednesday, March 05, 2003 6:50 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: client behind ISA access to remote Exchange
behind another ISA using MAPI
http://www.ISAserver.org
This is interesting. See my reply to 307926.
In your case, is a site to site VPN possible? (It would have to be
strictly
regulated.)
In my opinion, Exchange was never designed nor will it function properly
to serve as a mail server for non-local
domains. It is the Lexus of corporate e-mail servers. The key word is
corporate.
If you have to have Exchange and you have to outsource, I would
seriously consider a on-site outsourced Exchange server,
where it is in your office but is entirely taken care of by someone
else.
I have never heard of Exchange being used for a corporation where the
Exchange server was not within that company.
John Tolmachoff MCSE, CSSA
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA 92835
www.reliancesoft.com
> -----Original Message-----
> From: John Huang [mailto:jun@xxxxxxxxxxxxx]
> Sent: Wednesday, March 05, 2003 1:17 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] client behind ISA access to remote Exchange behind
another ISA
> using MAPI
>
> http://www.ISAserver.org
>
>
> Hi, Dr. Shinder:
>
> Our LAN is behind a integrated mode ISA. We are using SNAT client for
LAN.
> Now we want to use outsourced Exchange, which also secured published
> behind ISA array. I am using Outlook 2002 SP-2 client, try to connect
> using MAPI to the remote Exchange but failed. Someone told me
installing
> the lastest Feature Pack 1 but still not working. I tested by allowing
my
> ISA wide open to all to try to connect the remote Exchange, still
failed.
> Errow message said can not find the server and the mailbox name. Using
> sniffer to analyze the packet find that local Outlook client send some
> request call but not get reply by the remote Exchange but ISA, while
if
> not SNAT in DMZ the client can get the reply and establish MAPI
> connection.
>
> After dig out some knowledge base, I found these info:
> http://support.microsoft.com/default.aspx?scid=kb;en-us;307926
> http://support.microsoft.com/default.aspx?scid=kb;EN-US;263293
> http://support.microsoft.com/default.aspx?scid=kb;en-us;154596
>
> Is this mean that we can not use this kind of sevice or setup because
of
> the RPC, NAT and Outlook GC? Any suggestion? or the beta 2 version of
ISA
> will address this problem?
>
> Thank you very much for your advice.
>
>
> Best regards,
> John Huang
> System Administrator
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?typeúQ
> ------------------------------------------------------
> Exchange Server Resource Site: http://www.msexchange.org/ Windows
> Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT
> Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> isalist@xxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?typeúQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows
Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a
blank email to $subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?typeúQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows
Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jun@xxxxxxxxxxxxx To unsubscribe send a blank
email to $subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?typeúQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?typeúQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
steve@xxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
This E-Mail is confidential. It is not intended to be read, copied, disclosed
or used by any person other than [ISAserver.org Discussion List].
Unauthorised use, disclosure, or copying is strictly prohibited and may be
unlawful. Optimum Computer Solutions disclaims any liability for any action
taken in connection of this E-Mail. The comments or statements expressed in
this E-Mail are not necessarily those of Optimum Computer Solutions or its
subsidiaries or affiliates.
usermanager@xxxxxxxxxxxxxxx
Other related posts:
