Hi Joseph, OK, when I do the remake, I'll make them left to right :-) Yes, for the most trouble free and transparent config, make the Internal and external domains the same name. External hosts will only access your public records, which will only be for things like mail (A and MX), www, ftp, etc. Then you create the appropriate records for your Internal zone that goes by the same name. External hosts never access the Internal zone, and Internal hosts never access the external zone. Once you have it in place, you'll never go back :-) HTH, Tom -----Original Message----- From: josephk [mailto:josephk@xxxxxxxxx] Sent: Tuesday, June 29, 2004 4:48 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Outlook Client and RPC http://www.ISAserver.org Hi Thomas, Yes sir, I've read all of those goodies. You even mentioned the split DNS setup. Like a good techno-dude, My setup is already in place and I'm wondering how much Work it will be to get things working. I actually plan on reformatting all my machines Over the next month and redo the internal network. Maybe at that time I could change the name. So, your basically saying that if my external mail machine is mail.somesite.com That my internal DNS for that machine also needs to be mail.somesite.com? I nice picture form left to right might help solve this. Or, at least I like pictures of Network diagrams that go left to right rather then top to bottom! <grin> I actually thought that the message screener was interfering with the setup. Thank you, Joseph -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Tuesday, June 29, 2004 2:31 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Outlook Client and RPC http://www.ISAserver.org Hi Joseph, The split DNS is an absolute key to making this work. The name of the Exchange Server needs to match the host name used to access the machine from the remote host, and the remote host needs to correctly fully qualify the NetBIOS name. I think I've written about this ten times, and I'm preparing to write about it again, since you can't say the same thing often enough, in different ways, when the thing being said it really important and really often misunderstood. Check out the DNS stuff in the various kits and the Outlook client configuation sections. There's coverage in those docs on the DNS client configs. HTH, Tom -----Original Message----- From: josephk [mailto:josephk@xxxxxxxxx] Sent: Tuesday, June 29, 2004 4:08 PM To: [ISAserver.org Discussion List] Subject: [isalist] Outlook Client and RPC http://www.ISAserver.org Hi All, I've re-read the articles on ISAServer.org and decided to add back in the capabilities to utilize Outlook clients over RPC to connect to my exchange machine. I run a back to back network. All machines are w2k boxes. I've not yet moved all over to windows 2003. My DNS machine in the DMZ hosts many sites and has a different Name then my DNS server behind my second firewall. My external ISA box has the message screener running and forwards all SMTP mail to a relay box. So, I setup the Exchange RPC rule to point to my internal ISA machine. I'm not sure if by pointing to the different sources has any affect on connecting with outlook client. SMTP mail is arriving as setup. I know that for the blaster and sasser type scripts it disables access to ports 135(outbound) and 445. What is the best way to trouble shoot this type of setup? I'm unable to connect from an external outlook client, message is that global address book not available? And can't find exchange. I don't' see any particular messages in the log files to pinpoint connectivity issues. Thank you, Joseph ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: josephk@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist