Hi Darko, What is the *exact* IP addressing information on the ISA firewall's interfaces? What is the *exact* IP addressing informationon the SMTP server's interface? Thanks! Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls -----Original Message----- From: Darko Kljajic [mailto:darko@xxxxxxxxxxxxxxxx] Sent: Friday, January 28, 2005 8:31 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: SMTP publishing problem http://www.ISAserver.org Mail Server can connect outbound. I already wrote that. They are 100% Secure NAT client. First I publish Microsoft SMTP server and Second I publish LINUX SMTP server and both of them don't want to work when they are published. DNS Server also don't want to work when I set "Requests appear to come from the origial client" option. I test this configuration on two phisical separated ISA Servers. :( Darko Kljajić Administrator for operating systems IT Department tel: +381 11 201 1567 mob: +381 64 811 1655 e-mail: darko@xxxxxxxxxxxxxxxx =========================== Delta Banka A.D. Milentija Popovića 7b, Belgrade Serbia & Montenegro site: www.deltabanka.co.yu =========================== -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: 28. januar 2005 15:10 To: [ISAserver.org Discussion List] Subject: [isalist] RE: SMTP publishing problem http://www.ISAserver.org First of all, this list is exactly that; a place for folks to get direction (isn't that why you're here?). Second, if the mail travels when "send ISA IP" is set, but not when "send original client IP" is set, then ISA and / or client configurations likely are causing it. Is your mail server configured to allow connections only from "local" IPs? Can you be more specific about "doesn't work?" Can the mail server connect outbound? -----Original Message----- From: Darko Kljajic [mailto:darko@xxxxxxxxxxxxxxxx] Sent: Friday, January 28, 2005 5:27 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: SMTP publishing problem http://www.ISAserver.org I set up mail server to be a secure NAT client before everyone tell me that. That adjustment is basic. (those that don't know that shoudn't be on this discussion list, they have to read a lot) I have same problem with DNS too. Network rule set: Perimeter to External = NAT Publish rule: SMTP server, from: anywhere to "ip address of smtp server"(in perimeter network), Requests appear to come from the origial client SMTP Server: Default Gateway is the address of ISA's IP address in perimeter network (SMTP server is not firewall client) When I try to connect from external network to external IP address of ISA Server on port 25 I get nothing. I set access rule that allow smtp from Perimeter network to External. Everything works. When I try to connect from mail server in perimeter network to mail server in External network ... it works. With this test I prove that perimeter mail server has a DG. I repeat ... when I publish any server with Server rule and with feature "Requests appear to come from the origial client" (HALF NAT) it doesn't work. Darko Kljajić Administrator for operating systems IT Department tel: +381 11 201 1567 mob: +381 64 811 1655 e-mail: darko@xxxxxxxxxxxxxxxx =========================== Delta Banka A.D. Milentija Popovića 7b, Belgrade Serbia & Montenegro site: www.deltabanka.co.yu =========================== -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: 25. januar 2005 16:53 To: [ISAserver.org Discussion List] Subject: [isalist] RE: SMTP publishing problem http://www.ISAserver.org It's something the ISA team discussed changing to since "NAT" isn't necessarily part of the communications if the network or host relationship is "route". -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Tuesday, January 25, 2005 07:00 To: [ISAserver.org Discussion List] Subject: [isalist] RE: SMTP publishing problem http://www.ISAserver.org Hey Jim, You mentioned the name transition from SecureNAT to SecureNET. I actually prefer SuperNAT client myself :-) I haven't found any other references to SecureNET though -- I found a few references to "transparent proxy" which I think it walking down the wrong street, since most people consider transparency to be at layer 2, which the SecureNAT/NET/SuperNET/SuperNAT client ain't. Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Tuesday, January 25, 2005 8:39 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: SMTP publishing problem http://www.ISAserver.org Your SMTP server needs to be a SecureNET client. This is covered in the ISA help and several publishing articles on http://isaserver.org/articles_tutorials/publishing/ and http://www.microsoft.com/isaserver/techinfo/guidance/2004/publishing.asp -----Original Message----- From: Darko Kljajic [mailto:darko@xxxxxxxxxxxxxxxx] Sent: Monday, January 24, 2005 11:37 PM To: [ISAserver.org Discussion List] Subject: [isalist] SMTP publishing problem http://www.ISAserver.org SMTP publishing don't work until I change the option that "Requests appear to come from the ISA Server computer". I don't want to set it that way because my anti-spam software doesn't work. I "understand" why that option doesn't work with http publishing, but what is the problem with SMTP? Darko Kljajić Administrator for operating systems IT Department tel: +381 11 201 1567 mob: +381 64 811 1655 e-mail: darko@xxxxxxxxxxxxxxxx =========================== Delta Banka A.D. Milentija Popovića 7b, Belgrade Serbia & Montenegro site: www.deltabanka.co.yu =========================== ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: darko@xxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: darko@xxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx