RE: How do you configure the ISA in a PIX DMS environment?
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Sun, 19 Jun 2005 14:10:33 -0500
Hi Colin,
SecureNAT is a key issue with the ISA firewall. Reread the chapter in
the book about ISA client types :)
The request and responses paths need to be the same. No problem using
different devices and paths for inbound and inbound relay, but the
request/response path has to be the same.
HTH,
Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
-----Original Message-----
From: Colin Nash [mailto:colinn@xxxxxxxxxxxxx]
Sent: Sunday, June 19, 2005 1:23 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: How do you configure the ISA in a PIX DMS
environment?
http://www.ISAserver.org
No it is not. Were actually configuring ISA to route SMTP to a Symantec
Brightmail server first then onto Exchange 2003. For the purposes of
validating the ISA config however we pointed ISA directly at Exchange
for the Inbound SMTP policy but Exchange still sends outbound SMTP
through Brightmail. Do we still need to configure Exchange as a
SecureNAT client of the ISA firewall?
Also, I'm not sure I understand fully what it means and why we would
need to configure SecureNAT?
Thanks for your reply and help!
/colin
________________________________
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Sun 6/19/2005 11:00 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: How do you configure the ISA in a PIX DMS
environment?
http://www.ISAserver.org
Hi Colin,
Is the Exchange Server a SecureNAT client of the ISA firewall?
Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
-----Original Message-----
From: Colin [mailto:colinn@xxxxxxxxxxxxx]
Sent: Sunday, June 19, 2005 12:56 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] How do you configure the ISA in a PIX DMS
environment?
http://www.ISAserver.org
I read the article http://www.isaserver.org/tutorials/2004isapixdmz.html
and want to configure my environment based on the section "Following the
Path to Exchange in an ISA Firewall in PIX DMZ Environment". However, I
cannot seem to figure this out. My DMZ network is configured as
172.16.0.0 and my Internal network is configured as 192.168.0.0.
Currently the PIX routes my external mail requests to my ISA box at
172.16.1.20 and ISA has it's "Internal" network configured to use the
192
address. I create an SMTP mail publishing rule to listen on External
and
forward to the 192 address of my Exchange server but I am getting Failed
Denied connections when I test the connection by telnetting to the
external mail domain at port 25. Please help! Thanks!
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
colinn@xxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
