RE: My ISA 2004 has gone completely berserk
- From: "Steve Moffat" <steve@xxxxxxxxxx>
- To: "ISA Mailing List" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 2 Dec 2004 12:00:07 -0400
You need to publish it as a mail server, external ip to internal IP
Then you need to allow smtp in and outwith an allow rule, simple
Steve
-----Original Message-----
From: Steven Andreca [mailto:sandreca@xxxxxxxx]
Sent: Thursday, December 02, 2004 9:39 AM
To: ISA Mailing List
Subject: [isalist] RE: My ISA 2004 has gone completely berserk
http://www.ISAserver.org
The same configuration worked fine with my ISA 2000 (luckily I still
have that box and revived it until I figure this one out).
Exchange is on a member server behind ISA. Internal DNS is on the DC and
it uses my ISP's DNS as forwarders. My external DNS is resolved at
NetSol.
I believe it's got something to do with the way I published the
Exchange.
There's contradicting articles out there. One says you just use the
"Publish a mail server" task and another says you need to do the
"Inbound SMTP", "Outbound SMTP" and "Outbound DNS" rules. First didn't
work (for
incoming) so I used the second one. I thought that was working but now
it appears it wasn't. For some reason though, it was working every once
in a while. I could send myself e-mails from Yahoo but not from MSN, for
example. Stupid me I wasn't watching the alerts. The exact phrasing of
the alert is: "Server publishing rule (Inbound SMTP) that maps <mail
server IP>:25 TCP to <external ISA IP>:25 for protocol [SMTP Server] was
unable to bind a socket for the server. The server publishing rule
cannot be applied. The failure is due to error:
0x80070034." Couldn't find anything about the error at M$.
And then there's all those detected "all port scan attacks" from my
internal DC. I guess I should just turn the "Intrusion detection" off.
Anyway, I think Jim's right: I should start from scratch and do one
thing at the time.
Can anyone tell me what the best article about publishing Exchange is?
(Including RPC over HTTP)
Thanks guys.
Steven
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
This E-Mail is confidential. It is not intended to be read, copied, disclosed
or used by any person other than the recipient named above.
Unauthorised use, disclosure, or copying is strictly prohibited and may be
unlawful. Optimum IT Solutions Ltd disclaims any liability for any action taken
in connection of this E-Mail. The comments or statements expressed in this
E-Mail are not necessarily those of Optimum IT Solutions Ltd or its
subsidiaries or affiliates.
administrator@xxxxxxxxxx
Other related posts:
