I resolved the problems ISA 2004 has to have protocol rules enabled for the internal interfaces of ISA and the Exchange server Follow the article "Configuring an Inbound and Outbound SMTP Relay" Then Create an additional rule Exch > ISA SMTP Allow SMTP From Exch > SMTP RELAY and Local host After the rule is enabled test the connectivity ( TELNET "HOST" 25 ) to the Exchange server and the SMTP relay to verify The same concept is required connectivity to the ISA Firewall installation client, RDP and DNS I also had problems with installing the AV software on the ISA server... Creating the appropriate rules to enable connectivity between the appropriate servers resolved this issue... Now that raises another issue The internal/external Web server was also failing l .... What is the recommended practice for protocol rules between Infrastructure servers, clients and ISA2004 I see these issues as quite an important concept in securing ISA 2004 and enabling appropriate access as most admins will probably create a rule (FROM) (TO) Server Name All Protocols ISA Local Internal ISA Internal Darryl Janetzki ________________________________ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Tuesday, 10 August 2004 1:24 PM Subject: RE: SMTP could not connect to the DNS server '192.168.1.254'. The protocol used was 'UDP'. It may be down or inaccessible. Hi Darryl, You'll have to create access rules on the ISA firewall to access the protocols and sites you require. Also, make sure the system policy matches your organization's requirements. HTH, Tom www.isaserver.org/shinder <http://www.isaserver.org/shinder> Get the book! Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls -----Original Message----- From: Darryl Janetzki [mailto:darrylj@xxxxxxxxxxxxxxxx] Sent: Monday, August 09, 2004 10:12 PM To: [ISAserver.org Discussion List] Subject: [isalist] SMTP could not connect to the DNS server '192.168.1.254'. The protocol used was 'UDP'. It may be down or inaccessible. http://www.ISAserver.org Hi, I have an Exchange 2003 server behind an ISA 2004 server Outbound mail is not working. I have not deployed a SMTP relay at this point... I can resolve external DNS sites from the DNS forwarder on ISA..... Any suggestions? Also, ISA 2000 allowed internal servers be accessed by RDP and the Internal web servers via the DNS names... that functionality has stopped. I am only able to access internal web servers via NetBIOS names. External publishing of web and RDP works just fine Thanks Darryl Janetzki ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx