RE: Two Internal Networks
- From: "Steve Moffat" <steve@xxxxxxxxxx>
- To: "ISA Mailing List" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 7 Nov 2005 09:04:03 -0400
Rofl
________________________________
From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx]
Sent: Monday, November 07, 2005 8:58 AM
To: ISA Mailing List
Subject: [isalist] RE: Two Internal Networks
http://www.ISAserver.org
Yes, well the first part is..
and had i been around i would have agreed then and their, fact is i
agreed late and we sorted started the ball rolling down a different hill
a little.
Greg
________________________________
From: Steve Moffat [mailto:steve@xxxxxxxxxx]
Sent: Monday, November 07, 2005 11:36 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Two Internal Networks
http://www.ISAserver.org
Which, when you get right down to it, is what I said to Andrew
originally............
-----Original Message-----
From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx]
Sent: Monday, November 07, 2005 8:28 AM
To: ISA Mailing List
Subject: [isalist] RE: Two Internal Networks
http://www.ISAserver.org
Timmy
What I am able to do is have krystaltek.com and frogmail.isa-geek.com
(as I don't yet have another domain registered) one smtp publishing
rule, forwards to IIS on the ISA box. There I have setup two "remote
domains" which forward mail to their own exchange servers as smart
hosts. Hence I am able to get email to me@xxxxxxxxxxxxxxxxxxxxx through
my ISA. Both these domains are subject to filtering by the smtp filter
and message screener. No biggy!
With regard to multiple SMTP virtual servers: since each virtual server
has to be on its own ip the problem you will run into is how do you
publish both smtp servers to their respective internal ips. As soon as
the first smtp connection hits the first priority smtp rule will swing
into action and forward the email to the nominated virt server. If this
mail is not destined for this domain or virtual server then it will
fail. I would have thought that the message screener would work as long
as ISA sees the smtp stream, no matter what the destination is. The
only way I can see around this is to use non standard ports or multiple
external ips bound to the one interface.
greg
-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Monday, November 07, 2005 2:48 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Two Internal Networks
http://www.ISAserver.org
I'm thinking not... You can either use DNS to deliver mail directly to
the SMTP host, or use a single smart-host in IIS. That's kind of a deal
breaker for ISA to do it - but I agree that it should be a separate box
for that...
Let's not have our firewall doing domain-based SMTP delivery, eh? ;)
Oh, but, (duh) you can have multiple SMTP virtual servers, each with
their own smart host. That's the ticket. But I wonder how the message
screener would work with multiple SMTP virt servers... Never tried that.
Jim? Tom?
Bueller?
t
----- Original Message -----
From: "Greg Mulholland" <greg@xxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Sunday, November 06, 2005 7:26 PM
Subject: [isalist] RE: Two Internal Networks
> http://www.ISAserver.org
>
>
> This is a multi-part message in MIME format.
>
------------------------------------------------------------------------
--------
Yep..to the first part
AFAIK you can enter multiple remote domains in IIS. What i was also
thinking
was using the IIS SMTP service on the ISA box so i could use the message
screener. But i think i'd rather use dedicated mail relay if i had the
hardware, then i can do gateway spam and virus filtering.
g
________________________________
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Mon 7/11/2005 2:12 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Two Internal Networks
http://www.ISAserver.org
I got ya... you're saying all SMTP traffic gets published from the ext
int
to the 3rd leg, and the 3rd leg will do domain based smart-host delivery
to
legs 1 and 2, which publish to the respective internal Exchange boxes...
In that private email, you were talking about the screener doing that,
but
the IIS SMTP service can only do single smart-host delivery, right?
What
did you have in mind for domain-based smart host delivery?
t
----- Original Message -----
From: "Greg Mulholland" <greg@xxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Sunday, November 06, 2005 6:41 PM
Subject: [isalist] RE: Two Internal Networks
> http://www.ISAserver.org
>
>
> This is a multi-part message in MIME format.
>
------------------------------------------------------------------------
--------
Thor
From what i get. he's got two network behind one ISA. Now i am assuming
that
this (the second network) is a new one. Otherwise, they must have thier
own
firewall and internet connection somewhere or he must have something
going
on serving up a gateway/firewall functionality to that network. Even if
that
is the case, the easiest way is put a third nic in the ISA box and
publish a
mail relay server.
________________________________
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Mon 7/11/2005 1:28 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Two Internal Networks
http://www.ISAserver.org
Can you draw out the network? I'm confused on exactly how you've got
the 2
separate nets going... You have 2 clients sharing one ISA server?
t
----- Original Message -----
From: "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Sunday, November 06, 2005 5:55 PM
Subject: [isalist] RE: Two Internal Networks
http://www.ISAserver.org
3 NICs??
Why couldn't one use setup SMTP under IIS on ISA and have the Exchange
rule push the SMTP over to the ISA box and out through either network?
Andrew
-----Original Message-----
From: Steve Moffat [mailto:steve@xxxxxxxxxx]
Sent: Saturday, November 05, 2005 11:12 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Two Internal Networks
http://www.ISAserver.org
3 nics and windows rras
-----Original Message-----
From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx]
Sent: Saturday, November 05, 2005 12:04 PM
To: ISA Mailing List
Subject: [isalist] RE: Two Internal Networks
http://www.ISAserver.org
That's find but I have two networks with two different IPs. 192.168.x.x
and 10.10.x.x so how do I redirect the SMTP if the machine sits on one
network or the other?
Andrew
------------------------------------------------------------------------
--------
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> thor@xxxxxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg@xxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------------------------
--------
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> thor@xxxxxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg@xxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg@xxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
