[isalist] Re: Verizon DSL and ISA Server 2004 Problem!!!

  • From: "Steve Moffat" <steve@xxxxxxxxxx>
  • To: "ISA Mailing List" <isalist@xxxxxxxxxxxxx>
  • Date: Mon, 4 Dec 2006 22:45:01 -0400

Have you any idea how to set up a mail account? It's looking for the
correct username and password.

 

Are you allowing smtp out to the mail server?

 

Read the help....it's all covered there.

 

S

 

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Tee Darling
Sent: Monday, December 04, 2006 7:07 PM
To: ISA Mailing List
Subject: [isalist] Re: Verizon DSL and ISA Server 2004 Problem!!!

 

I have a rule in place now to "allow" -->Selected Protocols - POP3
Server --> From Internal --> incoming.verizon.net. 

The somehow "good news" is that when  I try to "Test Account Settings.."
in Outlook 2003 I received the following info: 

Established network connection      ---> Completed
Find outgoing mail server (SMTP)    ---> Completed
Find incoming mail server (POP3)   --->  Completed
Log onto incoming mail server (POP3) ->   Failed 
Send test e-mail message                  ->   Failed

Note: Before I implemented the rule above, I was receiving "Failed"
through out the above test. Now I am receiving 3 "Completed" and 2
"Failed" 

In addition, I received 2 errors now when I do the Test Account
Settings:
1). Send test e-mail message: The specified server was found, but there
was no response from the server. Please verifiy that the port and SSL
information is correct. To access these settings close this dialog, then
click More Settings and click on the Advanced tab 

2). Log onto incoming mail server (POP3): The specified server was
found, but there was no response from the server. Please verifiy that
the port and SSl information is correct. To access these settings close
this dialog, then click More Settings and click on the Advanced tab. 

Someone out there may have encountered this problem before. Any help as
to how this was resolved?

T   

On 12/4/06, Thor (Hammer of God) <thor@xxxxxxxxxxxxxxx> wrote:

You need outbound 110 to the pop3 server, not inbound.  Outbound from
internal to incoming.verizon.net host.

t


On 12/4/06 1:23 PM, "Tee Darling" <tee.darling77@xxxxxxxxx> spoketh to
all:

Well, I do have a rule in place for incoming POP3 from the External to
Internal network but I have been getting this error all the time. 


T

On 12/4/06, Steve Moffat <steve@xxxxxxxxxx> wrote:

Well yeeesss



You need an access rule on your ISA server to allow POP3 to the mail
server



S



From: isalist-bounce@xxxxxxxxxxxxx [mailto: isalist-bounce@xxxxxxxxxxxxx
<mailto: isalist-bounce@xxxxxxxxxxxxx
<mailto:isalist-bounce@xxxxxxxxxxxxx> > ] On Behalf Of Tee Darling
Sent: Monday, December 04, 2006 4:21 PM

To: ISA Mailing List
Subject: [isalist] Re: Verizon DSL and ISA Server 2004 Problem!!!


This is what I received when I telnet to my ISP POP3 mail server:

"
C:\>telnet incoming.verizon.net <http://incoming.verizon.net>
<http://incoming.verizon.net>  110
Connecting To incoming.verizon.net...Could not open connection to the
host, on p 
ort 110: Connect failed

C:\>

Is there a rule that I have to come up with in order for this to work?

T

On 12/4/06, Ara Avvali <Ara.Avvali@xxxxxxxxxxxxx> wrote:

No he me means telnet to your isp pop mail server



From: isalist-bounce@xxxxxxxxxxxxx
<mailto:isalist-bounce@xxxxxxxxxxxxx>
<mailto:isalist-bounce@xxxxxxxxxxxxx>  [mailto:
isalist-bounce@xxxxxxxxxxxxx <mailto: isalist-bounce@xxxxxxxxxxxxx
<mailto:isalist-bounce@xxxxxxxxxxxxx> > ] On Behalf Of Tee Darling
Sent: Monday, December 04, 2006 11:08 AM
To: isalist@xxxxxxxxxxxxx


Subject: [isalist] Re: Verizon DSL and ISA Server 2004 Problem!!!

 

If you mean, to telnet inside the LAN from a workstation to the ISA box,
then this is what I received when I do that....---> 

C:\>telnet 192.168.35.1 <http://192.168.35.1> <http://192.168.35.1>
110
Connecting To 192.168.35.1...Could not open connection to the host, on
port 110:
 Connect failed

C:\>

T

On 12/4/06, Steve Moffat < steve@xxxxxxxxxx <mailto:steve@xxxxxxxxxx>
<mailto:steve@xxxxxxxxxx>  > wrote:

Can you telnet to port 110 from your workstations?



S



From: isalist-bounce@xxxxxxxxxxxxx
<mailto:isalist-bounce@xxxxxxxxxxxxx>
<mailto:isalist-bounce@xxxxxxxxxxxxx>  [mailto:
isalist-bounce@xxxxxxxxxxxxx <mailto: isalist-bounce@xxxxxxxxxxxxx
<mailto:isalist-bounce@xxxxxxxxxxxxx> > ] On Behalf Of Tee Darling
Sent: Monday, December 04, 2006 2:15 PM
To: ISA Mailing List
Subject: [isalist] Re: Verizon DSL and ISA Server 2004 Problem!!!

 

Jim,
  The answer to your questions is that Yes, traffic does flow through
ISA. All my workstations have the ISA client installed and they connect
to the Internet through the ISA box. The error code given by Outlook is
this --> "0x80042108 Outlook is unable to connect to your incoming POP3
e-mail server". 
I did a search at MS knowledge base and I received KB article 318790.
This article talks about this info:
SYMPTOMS
When you start Microsoft Outlook, you may not be able to send and
receive messages, and you may receive the following error message: 

0x80042108 Outlook is unable to connect to your incoming POP3 e-mail
server. 

 
  Error! Filename not specified.
<#10f4f35296069fad_10f4ef63eaafe890_10f4ebf5db4c99e8_top>    Back to the
top <#10f4f35296069fad_10f4ef63eaafe890_10f4ebf5db4c99e8_top>   
CAUSE
This behavior may occur if any of the following conditions are true: 
 
  *   There are corrupted files on your hard disk.   
  *   You are running Norton Personal Firewall 2002.   
  *   You are running Norton Internet Security software.   
  *   You have installed an update to Microsoft Office.   
  *   The Norton anti-spam add-in is enabled in Outlook.  

Note Norton Personal Firewall 2002, Norton Internet Security software,
and the Norton Anti-Spam add-in are supported by Symantec Inc. 

 
  Error! Filename not specified.
<#10f4f35296069fad_10f4ef63eaafe890_10f4ebf5db4c99e8_top>    Back to the
top <#10f4f35296069fad_10f4ef63eaafe890_10f4ebf5db4c99e8_top>   
RESOLUTION
To resolve this behavior, remove your Norton Person Firewall or Norton
Internet Security software and then reinstall your Norton Person
Firewall or Norton Internet Security software. 

Alternatively, you can use the contact information that is provided
later in this article if you need help.

To remove and then reinstall Norton Person Firewall or to remove and
then reinstall Norton Internet Security software, follow these steps.

------------------------------------------------------------------------
---------------------------------------------------------


Here is the info for my Client and ISA Ipconfig /all:

"Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

                      Client IPconfig /all
C:\>ipconfig /all

Windows IP Configuration

        Host Name . . . . . . . . . . . . : vivace 
        Primary Dns Suffix  . . . . . . . : XXXXXXX.net
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : XXXXXXX.net

Ethernet adapter LAN:

        Connection-specific DNS Suffix . :
        Description . . . . . . . . . . . : Linksys LNE100TX Fast
Ethernet Adapt
er(LNE100TX v4)
        Physical Address. . . . . . . . . : 00-03-6D-15-28-95 
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.35.25
<http://192.168.35.25> <http://192.168.35.25>  
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
<http://255.255.255.0> <http://255.255.255.0>  
        Default Gateway . . . . . . . . . : 192.168.35.1
<http://192.168.35.1> <http://192.168.35.1>  
        DNS Servers . . . . . . . . . . . : 192.168.35.5
<http://192.168.35.5> <http://192.168.35.5>   ---> my Domain IP 
                                                   192.168.35.1---> ISA
box IP

Ethernet adapter Connection To Verizon:

        Media State . . . . . . . . . . . : Media disconnected
        Description . . . . . . . . . . . : CNet PRO200WL PCI Fast
Ethernet Adap 
ter
        Physical Address. . . . . . . . . : 00-08-A1-22-CE-FC

C:\>

                             ISA Ipconfig /all

C:\>ipconfig /all

Windows IP Configuration 

   Host Name . . . . . . . . . . . . : ISA1
   Primary Dns Suffix  . . . . . . . : XXXXXXXX.net
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes 
   DNS Suffix Search List. . . . . . : XXXXXXXX.net

Ethernet adapter LAN:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/100 Network
Connection
   Physical Address. . . . . . . . . : 00-B0-D0-20-1C-DA 
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.35.1
<http://192.168.35.1> <http://192.168.35.1>  
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
<http://255.255.255.0> <http://255.255.255.0>  
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 192.168.35.1
<http://192.168.35.1> <http://192.168.35.1>  

Ethernet adapter WAN:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/100+ Server Adapter
(PILA847 
0B)
   Physical Address. . . . . . . . . : 00-D0-B7-4D-52-A4
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.3 <http://192.168.1.3>
<http://192.168.1.3>  
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
<http://255.255.255.0> <http://255.255.255.0>  
   Default Gateway . . . . . . . . . : 192.168.1.1 <http://192.168.1.1>
<http://192.168.1.1>  
   DNS Servers . . . . . . . . . . . : 192.168.35.1
<http://192.168.35.1> <http://192.168.35.1>  
   NetBIOS over Tcpip. . . . . . . . : Disabled

C:\>c"


Any help please? Thanks

T

On 12/4/06, Jim Harrison < Jim@xxxxxxxxxxxx <mailto:Jim@xxxxxxxxxxxx>
<mailto:Jim@xxxxxxxxxxxx>  > wrote:

You're not giving the error codes provided by Outlook.

Using that, you can search MSKB and very often discover your answer.

You also haven't provided any alerts or error events from your ISA.

Does *any* traffic flow through ISA?

What is the ISA ipconfig/all?

What is the test client ipconfig/all?



From: isalist-bounce@xxxxxxxxxxxxx
<mailto:isalist-bounce@xxxxxxxxxxxxx>
<mailto:isalist-bounce@xxxxxxxxxxxxx>  [mailto:
isalist-bounce@xxxxxxxxxxxxx <mailto: isalist-bounce@xxxxxxxxxxxxx
<mailto:isalist-bounce@xxxxxxxxxxxxx> > ] On Behalf Of Tee Darling
Sent: Monday, December 04, 2006 3:59 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Verizon DSL and ISA Server 2004 Problem!!!

 

ISA Gurus,
  I just added a Verizon DLS box (Westel 327W) to my network and now I
can't send any e-mail out. Here is the configuration:
I have 2 NICs in my ISA Server 2004. The internal NIC has the IP range
192.168.35.0 <http://192.168.35.0> <http://192.168.35.0>   thru
192.168.35.254 <http://192.168.35.254> <http://192.168.35.254>  . The
External NIC is connected to the Verizon DSL box. The DSL box gives out
the DHCP IP range 192.168.1.15 <http://192.168.1.15>
<http://192.168.1.15>    thru 192.168.1. 47.  I have assigned
192.168.1.3 <http://192.168.1.3>  <http://192.168.1.3>
<http://192.168.1.3>   to the NIC  that is connected to the DSL .  This
DSL  box by default allows all  traffic to  exit without  any
interferance.  I have  configured port  forwarding  for example  port
25,  port 443, port 110 etc to the appropriate box.  I can  receive
e-mail  on  my Exchange  Server 2003  without any difficulty but
whenever I send email out from one of my workstations, the email ends up
in the queue on the server and just sits there. Anything I am missing
here? 
Next, I am a little bit confused as to what kind of route configuration
I need to setup between my internal LAN and the DSL IP range or if one
would like to call it the DMZ. I am not sure if I can call the area of
the DSL IP range as the DMZ. Or would that area be part of the External
network? My plan is to add a 3rd NIC and assign the IP range 10.0.0.0
<http://10.0.0.0> <http://10.0.0.0>  thru 10.x.x.254 and call that zone
the DMZ. I haven't done this yet so I am not worry about it now. My main
problem is how to configure the ISA firewall again to let the email go
out from my Exchange Server 2003 box. I just had this problem when I
switched from my cable provider to the DSL provider. I never had this
problem with my cable box which wasn't given out any private IP
addresses out. 

I am also having problem making my verizon mail go out from my internal
LAN from one of my machine which has Outlook 2003. Here are the errors I
get from this workstation:

1). Find incoming mail server (POP3): Outlok could not connect to the
incoming mail server (POP3). The problem could be the server name or
port, or your server may not support SSL. Verify your port and SSl
settings in More Settings under the Advanced tab. 

2). Find outgoing mail server (SMTP): Outlok could not connect to the
outgoing mail server (POP3). The problem could be the server name or
port, or your server may not support SSL. Verify your port and SSl
settings in More Settings under the Advanced tab. 

3). Log onto incoming mail server (POP3): The specified server was
found, but there was no response from the server. Please verify that th
eport and SSL informatoin is correct. To access these settings close the
dialog, then click More Settings and click on the Advanced tab. 

4). Find incoming mail server (POP3): Outlok could not connect to the
incoming mail server (POP3). The problem could be the server name or
port, or your server may not support SSL. Verify your port and SSl
settings in More Settings under the Advanced tab. 

Any help will be greatly appreciated.

Thanks.

Tee

All mail to and from this domain is GFI-scanned. 


 

 

 

 

 

 

Other related posts: