RE: Help Publishing Exchange 2000 RPC with ISA on Server 2000
- From: "Jeff Sloan" <jsloan@xxxxxxxxxxxx>
- To: "ISALists" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 8 Oct 2003 11:10:00 -0500
Thanks Tom, here we go.
1. Exchange server is a secure nat client, (ISA server is listed as the
gateway).
2. Publishing rule is enabled.
3. I don't know about the packet filters, are we talking about the ones
in ISA? I don't see any that would be blocking... All my packet filters
there are allow type except for some Ips of persistent attackers, 3 of
them.
4. Exchange is not on the ISA machine. ex01.crossoil.com is how we
connect, the SMTP publishing part is mail.crossoil.com. Both resolve to
different IP addresses, but go to the same internal machine.
I'll try the netmon trace shortly.
Jeff Sloan
Network Administrator
Cross Oil Refining & Marketing, Inc.
484 E. 6th St.
Smackover, AR 71762
Phone 870-864-8688
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Wednesday, October 08, 2003 10:16 AM
To: ISALists
Subject: [isalist] RE: Help Publishing Exchange 2000 RPC with ISA on
Server 2000
http://www.ISAserver.org
Hi Jeff,
The procedure of publishing secure Exchange RPC is very quick an easy,
so from the publishing end, the only things that might be whack might
be:
1. The Exchange Server is not a SecureNAT client
2. The publishing rule is disabled
3. A packet filter is blocking the rule from working
4. Exchange is installed on the firewall and the socket is listening on
all interface (this problem CAN'T be fixed without disabling NetBT, and
Exchange really doesn't like that too much)
The real problem with Secure Exchange RPC publishing is name resolution.
Can you run NetMon on the external interface and see if the incoming TCP
135 connections are making it to the firewall?
Thanks!
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: Jeff Sloan [mailto:jsloan@xxxxxxxxxxxx]
Sent: Wednesday, October 08, 2003 10:10 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Help Publishing Exchange 2000 RPC with ISA on Server
2000
http://www.ISAserver.org
Here I am again....
My published RPC Exchange 2000 server through ISA still doesn't work.
Worked fine till the worm crap started happening. Then ISPs started
blocking port 135 and or RPC, but since then they assure me they have
stopped. I have had Earthlink field technicians work with me on our
setup, ours and their routers, dsu/csu, etc. They dug down deep and say
that there is no blocking going on.
Yet it doesn't work any more for us.
Does anyone know if any of the Microsoft patches actually broke this
functionality?
Tom, I have been going through your deployment kits, but am a little
confused. Is it still possible to do the RPC publishing with ISA server
on Win 2000 server, and Exchange 2000 on Win 2000 server? Without any
additional ssl, certificates, vpn, rpc over http, etc.
It used to work, I just want it back.
Is there any configuration lists or settings you need me to send to help
identify the problem. Thanks
Jeff Sloan
Network Administrator
Cross Oil Refining & Marketing, Inc.
484 E. 6th St.
Smackover, AR 71762
Phone 870-864-8688
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jsloan@xxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
Other related posts:
