Re: Problem publishing SMTP server in DMZ
- From: Scott Truman <scott.truman@xxxxxxxxx>
- To: isalist@xxxxxxxxxxxxx
- Date: Thu, 1 Dec 2005 20:02:19 +0000
Errr, any ideas, or should I be logging this problem with Microsoft then?
Scott
On 12/1/05, scotty <scott.truman@xxxxxxxxx> wrote:
>
> Hi,
>
> Layout:
> ISA2004 SP1 with 3 interfaces.
>
> External = Public IP Address
> DMZ/Perimeter = Private IP Address 192.168.1.0/24
> Internal = Private IP Address 10.10.10.0/22
>
> SMTP Server publishing rule (created using wizard):
> Action: 'Allow'
> Traffic:'SMTP Server'
> From: 'Anywhere'
> To: '192.168.1.10' 'Requests appear to come from IA Server computer'
> Networks: 'External'
> Schedule: 'Always/Active 24hours a day'
>
> Problem:
> I am having troubles publishing an SMTP server that lies in the DMZ
> (Tri-homed ISA 2004). When the published server rule, created using
> the wizard, is set to the IP in the 'Perimeter' or DMZ network the
> last default rule gets hit and I get the following logged: (Where
> 200.200.200.200 is the external IP connecting and 111.111.111.111 is
> the IP of the isa server's external interface)
>
> ISASERVER 2005-11-21 20:07:56 TCP 200.200.200.200:13959
> 111.111.111.111:25 200.200.200.200 External Local Host Denied
> 0xc004000d Default rule SMTP
>
> Now if I change the rule to point to an SMTP server connected on the
> internal interface it works, with the following logged:
>
> ISASERVER 2005-11-21 22:07:52 TCP 200.200.200.200:13703
> 111.111.111.111:25 200.200.200.200 External Internal Terminate
> 0x80074e20 Mail Server rule SMTP
>
> I can cannect on port 25 from the ISA server to the SMTP server in the
> DMZ.
>
> What am I doing wrong?
>
> Thanks in advance.
>
> Scott
>
>
--
-----------------
email: scott.truman@xxxxxxxxx
mobile: 07716262930
home: 0207 346 8867
Other related posts:
