RE: Help Publishing Exchange 2000 RPC with ISA on Server 2000
- From: "Jeff Sloan" <jsloan@xxxxxxxxxxxx>
- To: "ISALists" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 8 Oct 2003 14:12:03 -0500
The version I'm running creates a protocol rule that denies udp send
receive ports 8998, and 995-999.
Jeff Sloan
Network Administrator
Cross Oil Refining & Marketing, Inc.
484 E. 6th St.
Smackover, AR 71762
Phone 870-864-8688
Fax 870-864-8689
Cell 870-866-9941
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Wednesday, October 08, 2003 11:55 AM
To: ISALists
Subject: [isalist] RE: Help Publishing Exchange 2000 RPC with ISA on
Server 2000
http://www.ISAserver.org
Hi Jeff,
I have to say that I don't know what the SoBig script does :-) But I'm
sure if it blocks TCP 135, then it will create an explicit packet filter
to do so.
Even if the Sobig script did some hidden blocking, the blocked
connection attempts would appear in the NetMon trace.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: Jeff Sloan [mailto:jsloan@xxxxxxxxxxxx]
Sent: Wednesday, October 08, 2003 11:19 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Help Publishing Exchange 2000 RPC with ISA on
Server 2000
http://www.ISAserver.org
Does the sobig script for ISA block the RPC port 135 traffic?
I know it doesn't directly, but are there any secondary connections
needed? But I have tried it with it turned off as well...
Jeff Sloan
Network Administrator
Cross Oil Refining & Marketing, Inc.
484 E. 6th St.
Smackover, AR 71762
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Wednesday, October 08, 2003 10:16 AM
To: ISALists
Subject: [isalist] RE: Help Publishing Exchange 2000 RPC with ISA on
Server 2000
http://www.ISAserver.org
Hi Jeff,
The procedure of publishing secure Exchange RPC is very quick an easy,
so from the publishing end, the only things that might be whack might
be:
1. The Exchange Server is not a SecureNAT client
2. The publishing rule is disabled
3. A packet filter is blocking the rule from working
4. Exchange is installed on the firewall and the socket is listening on
all interface (this problem CAN'T be fixed without disabling NetBT, and
Exchange really doesn't like that too much)
The real problem with Secure Exchange RPC publishing is name resolution.
Can you run NetMon on the external interface and see if the incoming TCP
135 connections are making it to the firewall?
Thanks!
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: Jeff Sloan [mailto:jsloan@xxxxxxxxxxxx]
Sent: Wednesday, October 08, 2003 10:10 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Help Publishing Exchange 2000 RPC with ISA on Server
2000
http://www.ISAserver.org
Here I am again....
My published RPC Exchange 2000 server through ISA still doesn't work.
Worked fine till the worm crap started happening. Then ISPs started
blocking port 135 and or RPC, but since then they assure me they have
stopped. I have had Earthlink field technicians work with me on our
setup, ours and their routers, dsu/csu, etc. They dug down deep and say
that there is no blocking going on.
Yet it doesn't work any more for us.
Does anyone know if any of the Microsoft patches actually broke this
functionality?
Tom, I have been going through your deployment kits, but am a little
confused. Is it still possible to do the RPC publishing with ISA server
on Win 2000 server, and Exchange 2000 on Win 2000 server? Without any
additional ssl, certificates, vpn, rpc over http, etc.
It used to work, I just want it back.
Is there any configuration lists or settings you need me to send to help
identify the problem. Thanks
Jeff Sloan
Network Administrator
Cross Oil Refining & Marketing, Inc.
484 E. 6th St.
Smackover, AR 71762
Phone 870-864-8688
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jsloan@xxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jsloan@xxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
Other related posts:
