RE: ISA 2004 and Exchange 2003 Publishing
- From: "Shanmuga Raj Admin" <speriya@xxxxxxxxxxxxxx>
- To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
- Date: Sun, 12 Sep 2004 13:26:56 -0400
Hi Mustafa,
Check www.isaserver.org for tutorials written by Tom Schinder. Tom has
written excellent articles on ISA 2000 and 2004 for publishing OWA and
RPC in various scenarios. If you follow them step by step, I am suer
will be able to get it working.
Thanks
Raj
-----Original Message-----
From: Mustafa Cicek [mailto:mbcicek@xxxxxxxxx]
Sent: Sunday, September 12, 2004 9:29 AM
To: Exchange Weblist
Subject: [exchangelist] ISA 2004 and Exchange 2003 Publishing
http://www.MSExchange.org/
Hi!
Fisrt of all, I'm sorry for my bad English. I hope I can describe my
problem correctly.
I am very new in ISA infrastructure. My aim is to use ISA 2004 and to
publish the services of Exchange Server 2003 which has a
front-end/back-end infrastructure.
Unfortunately I have big problems in my test enviorement. My test
anvironment is like that:
INTERNET <> NETSCREEN FIREWALL 1 <> ISA 2004 <> NETSCREEN FIREWALL 2 <>
INTERNAL NETWORK with Font-End/Back-End/Global Catalog Server.
INTERNAL NETWORK:
- All server are installed on Windows 2003 Server
- Windows 2003 Active Directory is deployed for internal server only. It
means that ISA 2004 is not a domain member server. It has own workgroup.
DC/GC Server: 10.10.4.3
Front-End-Exchange: 10.10.4.1
Back-End-Exchange: 10.10.4.2
ISA:
- ISA 2004 has two interfaces and is configured as a router (not as
proxy) internal IP address: 213.183.4.118 external IP address:
213.183.4.125
- I published OWA and SMTP/IMAP4/POP3 with publish mail server wizard.
NETSCREEN FIREWALLs:
- Netscreen Firewall 1 routes the packets from/to Internet
- Netscreen Firewall 2 is configured as NAT for internal network and
Front-End-Exchange has a NAT address 213.183.4.116.
- All inbound (incoming) connections for OWA/OMA/ActiveSync/RPC over
HTTP/SMTP/POP3/IMAP4 are addressed to external IP address of ISA 2004.
CERTIFICATES:
- DC/Global Catalog Server is also my Certificate Authority.
- Front-End-Exchange has its own certificate from CA. This certificate
is also copied to ISA 2004.
- The published services record in external DNS (for example OWA) has
the same Common Name like the certificates has: owa.testdomain.net.
DNS:
- I have an external and internal DNS server. The internal DNS is
responsible for the internal server (FE/BE/GC), and the external DNS is
located in INTERNET.
- If the internal DNS doesn't know the address in its database, it
forwards DNS requests to the external DNS.
internal DNS: 10.10.4.3
external DNS: 213.183.0.1
Hier is some DNS records of external DNS:
MX record >>> 213.183.4.125 (external IP of ISA) Host record >>>
owa.testdomain.net (external IP of ISA)
What is not functioning in my environment:
OWA/OMA:
If I access OWA (Front-End) with https://owa.testdomain.net/exchange,
fisrt, I have the certifcate warning (accept the certificate or not). I
accept the certificate, thenn, I have the error page principal name is
not found!
If I access OWA with the internal address,
https://frontend.testdomain.net, I cann access the OWA pages without any
problem.
SMTP/POP3/IMAP4:
I use the external IP address of ISA (213.183.4.125) as SMTP/POP3/IMAP4
server address. I cannot access SMTP/POP3/IMAP4. There is always an
error that indicates that the server is not found.
My QUESTIONS:
1) Is it correct that I configured/installed the ISA Server as Router
not as Webproxy? If I must configure it as Webproxy, I cannot use the
full function of ISA for SMTP/POP3/IMAP4?!
2) Can it be a DNS problem?
3) Perhaps a certificate problem?
4) Any other error sources?
Please help me...!
THANKS for responses!!!
Best Regards
Mustafa
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
steve@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
This E-Mail is confidential. It is not intended to be read, copied,
disclosed or used by any person other than the recipient named above.
Unauthorised use, disclosure, or copying is strictly prohibited and may
be unlawful. Optimum IT Solutions disclaims any liability for any action
taken in connection of this E-Mail. The comments or statements expressed
in this E-Mail are not necessarily those of Optimum IT Solutions or its
subsidiaries or affiliates.
administrator@xxxxxxxxxxxxxxxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
speriya@xxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
Other related posts:
