Check to see if the request is making it to the ISA server. What do the logs say about this inbound connection? FYI: Someone has messed with the ISA configuration on the SBS server. Out of the box, it requires the firewall client for any user to use the Internet. Amy Harbor Computer Services Small Business Computer Specialists Client Blog: http://smalltechnotes.blogspot.com/ Tech Blog: http://isainsbs.blogspot.com/ Help: http://helpdesk.harborcomputerservices.net/ Website: http://www.harborcomputerservices.net/ ________________________________ From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Thursday, May 19, 2005 9:15 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA in SBS2000 http://www.ISAserver.org Your ADSL router is blocking the inbound connection. Reconfigure it in Bridge mode and give the ISA server external NIC the public IP address. John T eServices For You -----Original Message----- From: keith [mailto:keith@xxxxxxxxxxxxxx] Sent: Thursday, May 19, 2005 2:55 AM To: [ISAserver.org Discussion List] Subject: [isalist] ISA in SBS2000 I have searched isaserver.org looking for a solution to a particular problem and am now desperate for help. My problem is this: A customer of mine has a new EDI solution to communicate with Asda/Walmart. They run SBS2000 with the network setup as follows, the gateway is an adsl router with an external address 81.x.x.x and an internal address 192.168.211.x/30 which is directly connected to the external card of the SBserver 192.168.211.x/30. The internal network is a 192.168.220.x/24 network. The EDI PC running Win XP Pro sits on the internal network with a 192.168.220.x/24 static address. Asda/Walmart are trying to send test data to the EDI Software known as AS2 via the 81 address. I have created protocol rules and filters and everything I can think of in the isa firewall but the data still does not get through to the pc, although the pc can communicate to them, I can also ping and traceroute to them. I have tried to setup the ISA firewall as requested in the software documentation: as follows - For communication To Wal-mart open destination 161.165.202.30 on port 5080 For communication From Wal-mart listen for source from: 161.165.202.24 to 161.165.202.29 inclusive using a source port between 1023 and 65535 I have checked that the server is configured for inbound connections and it is set to the default, listening on the external address on port 80. I have tried to set a protocol definition and rule to allow tcp inbound, I have tried a publishing rule which publishes the service to the internet through the firewall I have even opened all ports from all sources to all destinations, still no luck. A number of suggestions have been made which require the PC to be a Firewall client, when I make the PC a client it stops the rest from working, the PC cannot get on the internet and the EDI desktop doesn't work and anyway none of the other PC's have firewall client installed. The PC can send to the test server and install secure certificates from Walmart but I can't get a reply. When they send a test message they just get Unable to connect to remote peer as below CONTEST: 2005.04.15 06:52:44.556 847703 HPOS OK Outbound session started - workorder=(41574805) mbox=(RHGbg6Sp) batch=(#331163) attempt=(1 of 1) CONTEST: 2005.04.15 06:52:44.886 847703 EXCE OK File extracted - [403] bytes CONTEST: 2005.04.15 06:52:46.406 847703 HPOS ERR Unable to connect to remote peer CONTEST: 2005.04.15 06:52:46.406 847703 HPOS OK One or more errors occured with this transaction. m_nErr=[150f] CONTEST: 2005.04.15 06:52:46.556 PNOC OK ** Batch (331163) (EDIINTDATA) notice stored in database ** CONTEST: 2005.04.15 06:52:46.686 847703 HPOS OK Outbound session stopping - batch=[#331163] Any step by step help to get this problem solved would be much appreciated. Kind Regards Keith Bath BEM,CCNP,CCNA Waterlight Solutions www.waterlight-solutions.co.uk Tel: 01743340791 Mob: 07803603080 Fax: 08707064901 ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: amy@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx