RE: Some help required!!!
- From: "John Tolmachoff" <isalist@xxxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 11 Oct 2002 13:09:37 -0700
>I configured a DMZ using private network address.
Not good. DMZ by design needs to be public IP address.
>The internal ISA server serves as the bridge between the DMZ and the
internal corporate network.
What do you mean by bridge? Router? Not as a firewall?
The subnet for the "DMZ", is it in the LAT of the "1st" ISA?
What are the TCP/IP settings on the "External interface" of the "Internal
2nd" ISA?
What are the TCP/IP setting on the "Internal interface" of the "External
1st" ISA?
Kind of sounds like a LAT/routing issue.
John Tolmachoff
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA 92835
www.reliancesoft.com
-----Original Message-----
From: Marco Castillo [mailto:mabcastillo@xxxxxxxxxxxxxxxx]
Sent: Friday, October 11, 2002 12:46 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Some help required!!!
http://www.ISAserver.org
Hello to all the ISA maillist!!!
I have configured the following scenario: I have two ISA servers in the
configuration back to back, let's name them the internal and the external
ISA Servers. I configured a DMZ using private network address. The subnet of
the DMZ is 192.168.9.0 mask 255.255.255.0. The internal ISA server serves as
the bridge between the DMZ and the internal corporate network. The subnet
used in the internal corporate network is 192.168.10.0 mask 255.255.255.0.
The addresses of the internal ISA Server are 192.168.9.34 for the DMZ subnet
and 192.168.10.34 for the internal corporate network subnet. I have
installed a SMTP server in the DMZ subnet, the address for this server is
192.168.9.10.
Here is my problem: I need that the internal corporate network users access
the SMTP server located in the DMZ. For this use, I configured a protocol
rule allowing my internal users to connect to a SMTP service through the
internal ISA Server, but this doesn't work. I'm unable to made a telnet
session to the port 25 (SMTP port) in the SMTP server (192.168.9.10), I'm
actually receiving the error: "Session disconnected from the host", and the
same happen when I'm trying to connect using a SMTP client program like
Outlook. The funny thing is that http works great, without any problem. I
try some other protocols, like telnet and they don't seem to work in the
DMZ. In few words, the protocols rules aren't functioning in the DMZ subnet.
Does anybody has an idea of the problem???, I'm configuring all the internal
corporate clients as SecureNAT clients, maybe I have to upgrade to firewall
clients??? Any help would be apreciated!!!
Thank you in advance
Ing. Marco Antonio Castillo
Chief Design Engineer
Van Der Kaaden IT Consulting
Guatemala, Guatemala C.A.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
