[isalist] Re: Verizon DSL and ISA Server 2004 Problem!!!
- From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 04 Dec 2006 13:38:28 -0800
You need outbound 110 to the pop3 server, not inbound. Outbound from
internal to incoming.verizon.net host.
t
On 12/4/06 1:23 PM, "Tee Darling" <tee.darling77@xxxxxxxxx> spoketh to all:
> Well, I do have a rule in place for incoming POP3 from the External to
> Internal network but I have been getting this error all the time.
>
>
> T
>
> On 12/4/06, Steve Moffat <steve@xxxxxxxxxx> wrote:
>> Well yeeesss
>>
>>
>>
>> You need an access rule on your ISA server to allow POP3 to the mail server
>>
>>
>>
>> S
>>
>>
>>
>> From: isalist-bounce@xxxxxxxxxxxxx [mailto: isalist-bounce@xxxxxxxxxxxxx
>> <mailto:isalist-bounce@xxxxxxxxxxxxx> ] On Behalf Of Tee Darling
>> Sent: Monday, December 04, 2006 4:21 PM
>>
>> To: ISA Mailing List
>> Subject: [isalist] Re: Verizon DSL and ISA Server 2004 Problem!!!
>>
>>
>> This is what I received when I telnet to my ISP POP3 mail server:
>>
>> "
>> C:\>telnet incoming.verizon.net <http://incoming.verizon.net> 110
>> Connecting To incoming.verizon.net...Could not open connection to the host,
>> on p
>> ort 110: Connect failed
>>
>> C:\>
>>
>> Is there a rule that I have to come up with in order for this to work?
>>
>> T
>>
>> On 12/4/06, Ara Avvali <Ara.Avvali@xxxxxxxxxxxxx> wrote:
>>
>> No he me means telnet to your isp pop mail server
>>
>>
>>
>> From: isalist-bounce@xxxxxxxxxxxxx <mailto:isalist-bounce@xxxxxxxxxxxxx>
>> [mailto: isalist-bounce@xxxxxxxxxxxxx <mailto:isalist-bounce@xxxxxxxxxxxxx> ]
>> On Behalf Of Tee Darling
>> Sent: Monday, December 04, 2006 11:08 AM
>> To: isalist@xxxxxxxxxxxxx
>>
>>
>> Subject: [isalist] Re: Verizon DSL and ISA Server 2004 Problem!!!
>>
>>
>>
>> If you mean, to telnet inside the LAN from a workstation to the ISA box, then
>> this is what I received when I do that....--->
>>
>> C:\>telnet 192.168.35.1 <http://192.168.35.1> 110
>> Connecting To 192.168.35.1...Could not open connection to the host, on port
>> 110:
>> Connect failed
>>
>> C:\>
>>
>> T
>>
>> On 12/4/06, Steve Moffat < steve@xxxxxxxxxx <mailto:steve@xxxxxxxxxx> >
>> wrote:
>>
>> Can you telnet to port 110 from your workstations?
>>
>>
>>
>> S
>>
>>
>>
>> From: isalist-bounce@xxxxxxxxxxxxx <mailto:isalist-bounce@xxxxxxxxxxxxx>
>> [mailto: isalist-bounce@xxxxxxxxxxxxx <mailto:isalist-bounce@xxxxxxxxxxxxx> ]
>> On Behalf Of Tee Darling
>> Sent: Monday, December 04, 2006 2:15 PM
>> To: ISA Mailing List
>> Subject: [isalist] Re: Verizon DSL and ISA Server 2004 Problem!!!
>>
>>
>>
>> Jim,
>> The answer to your questions is that Yes, traffic does flow through ISA.
>> All my workstations have the ISA client installed and they connect to the
>> Internet through the ISA box. The error code given by Outlook is this -->
>> "0x80042108 Outlook is unable to connect to your incoming POP3 e-mail
>> server".
>> I did a search at MS knowledge base and I received KB article 318790. This
>> article talks about this info:
>> SYMPTOMS
>> When you start Microsoft Outlook, you may not be able to send and receive
>> messages, and you may receive the following error message:
>>
>> 0x80042108 Outlook is unable to connect to your incoming POP3 e-mail server.
>>
>>
>> Error! Filename not specified.
>> <#10f4f35296069fad_10f4ef63eaafe890_10f4ebf5db4c99e8_top> Back to the top
>> <#10f4f35296069fad_10f4ef63eaafe890_10f4ebf5db4c99e8_top>
>> CAUSE
>> This behavior may occur if any of the following conditions are true:
>>
>> ? There are corrupted files on your hard disk.
>> ? You are running Norton Personal Firewall 2002.
>> ? You are running Norton Internet Security software.
>> ? You have installed an update to Microsoft Office.
>> ? The Norton anti-spam add-in is enabled in Outlook.
>>
>> Note Norton Personal Firewall 2002, Norton Internet Security software, and
>> the Norton Anti-Spam add-in are supported by Symantec Inc.
>>
>>
>> Error! Filename not specified.
>> <#10f4f35296069fad_10f4ef63eaafe890_10f4ebf5db4c99e8_top> Back to the top
>> <#10f4f35296069fad_10f4ef63eaafe890_10f4ebf5db4c99e8_top>
>> RESOLUTION
>> To resolve this behavior, remove your Norton Person Firewall or Norton
>> Internet Security software and then reinstall your Norton Person Firewall or
>> Norton Internet Security software.
>>
>> Alternatively, you can use the contact information that is provided later in
>> this article if you need help.
>>
>> To remove and then reinstall Norton Person Firewall or to remove and then
>> reinstall Norton Internet Security software, follow these steps.
>>
>> -----------------------------------------------------------------------------
>> ----------------------------------------------------
>>
>>
>> Here is the info for my Client and ISA Ipconfig /all:
>>
>> "Microsoft Windows XP [Version 5.1.2600]
>> (C) Copyright 1985-2001 Microsoft Corp.
>>
>> Client IPconfig /all
>> C:\>ipconfig /all
>>
>> Windows IP Configuration
>>
>> Host Name . . . . . . . . . . . . : vivace
>> Primary Dns Suffix . . . . . . . : XXXXXXX.net
>> Node Type . . . . . . . . . . . . : Unknown
>> IP Routing Enabled. . . . . . . . : No
>> WINS Proxy Enabled. . . . . . . . : No
>> DNS Suffix Search List. . . . . . : XXXXXXX.net
>>
>> Ethernet adapter LAN:
>>
>> Connection-specific DNS Suffix . :
>> Description . . . . . . . . . . . : Linksys LNE100TX Fast Ethernet
>> Adapt
>> er(LNE100TX v4)
>> Physical Address. . . . . . . . . : 00-03-6D-15-28-95
>> Dhcp Enabled. . . . . . . . . . . : No
>> IP Address. . . . . . . . . . . . : 192.168.35.25
>> <http://192.168.35.25>
>> Subnet Mask . . . . . . . . . . . : 255.255.255.0
>> <http://255.255.255.0>
>> Default Gateway . . . . . . . . . : 192.168.35.1
>> <http://192.168.35.1>
>> DNS Servers . . . . . . . . . . . : 192.168.35.5
>> <http://192.168.35.5> ---> my Domain IP
>> 192.168.35.1---> ISA box
>> IP
>>
>> Ethernet adapter Connection To Verizon:
>>
>> Media State . . . . . . . . . . . : Media disconnected
>> Description . . . . . . . . . . . : CNet PRO200WL PCI Fast Ethernet
>> Adap
>> ter
>> Physical Address. . . . . . . . . : 00-08-A1-22-CE-FC
>>
>> C:\>
>>
>> ISA Ipconfig /all
>>
>> C:\>ipconfig /all
>>
>> Windows IP Configuration
>>
>> Host Name . . . . . . . . . . . . : ISA1
>> Primary Dns Suffix . . . . . . . : XXXXXXXX.net
>> Node Type . . . . . . . . . . . . : Broadcast
>> IP Routing Enabled. . . . . . . . : Yes
>> WINS Proxy Enabled. . . . . . . . : Yes
>> DNS Suffix Search List. . . . . . : XXXXXXXX.net
>>
>> Ethernet adapter LAN:
>>
>> Connection-specific DNS Suffix . :
>> Description . . . . . . . . . . . : Intel(R) PRO/100 Network Connection
>> Physical Address. . . . . . . . . : 00-B0-D0-20-1C-DA
>> DHCP Enabled. . . . . . . . . . . : No
>> IP Address. . . . . . . . . . . . : 192.168.35.1 <http://192.168.35.1>
>> Subnet Mask . . . . . . . . . . . : 255.255.255.0 <http://255.255.255.0>
>> Default Gateway . . . . . . . . . :
>> DNS Servers . . . . . . . . . . . : 192.168.35.1 <http://192.168.35.1>
>>
>> Ethernet adapter WAN:
>>
>> Connection-specific DNS Suffix . :
>> Description . . . . . . . . . . . : Intel(R) PRO/100+ Server Adapter
>> (PILA847
>> 0B)
>> Physical Address. . . . . . . . . : 00-D0-B7-4D-52-A4
>> DHCP Enabled. . . . . . . . . . . : No
>> IP Address. . . . . . . . . . . . : 192.168.1.3 <http://192.168.1.3>
>> Subnet Mask . . . . . . . . . . . : 255.255.255.0 <http://255.255.255.0>
>> Default Gateway . . . . . . . . . : 192.168.1.1 <http://192.168.1.1>
>> DNS Servers . . . . . . . . . . . : 192.168.35.1 <http://192.168.35.1>
>> NetBIOS over Tcpip. . . . . . . . : Disabled
>>
>> C:\>c"
>>
>>
>> Any help please? Thanks
>>
>> T
>>
>> On 12/4/06, Jim Harrison < Jim@xxxxxxxxxxxx <mailto:Jim@xxxxxxxxxxxx> >
>> wrote:
>>
>> You're not giving the error codes provided by Outlook.
>>
>> Using that, you can search MSKB and very often discover your answer.
>>
>> You also haven't provided any alerts or error events from your ISA.
>>
>> Does *any* traffic flow through ISA?
>>
>> What is the ISA ipconfig/all?
>>
>> What is the test client ipconfig/all?
>>
>>
>>
>> From: isalist-bounce@xxxxxxxxxxxxx <mailto:isalist-bounce@xxxxxxxxxxxxx>
>> [mailto: isalist-bounce@xxxxxxxxxxxxx <mailto:isalist-bounce@xxxxxxxxxxxxx> ]
>> On Behalf Of Tee Darling
>> Sent: Monday, December 04, 2006 3:59 AM
>> To: isalist@xxxxxxxxxxxxx
>> Subject: [isalist] Verizon DSL and ISA Server 2004 Problem!!!
>>
>>
>>
>> ISA Gurus,
>> I just added a Verizon DLS box (Westel 327W) to my network and now I can't
>> send any e-mail out. Here is the configuration:
>> I have 2 NICs in my ISA Server 2004. The internal NIC has the IP range
>> 192.168.35.0 <http://192.168.35.0> thru 192.168.35.254
>> <http://192.168.35.254> . The External NIC is connected to the Verizon DSL
>> box. The DSL box gives out the DHCP IP range 192.168.1.15
>> <http://192.168.1.15> thru 192.168.1. 47. I have assigned 192.168.1.3
>> <http://192.168.1.3> to the NIC that is connected to the DSL . This DSL
>> box by default allows all traffic to exit without any interferance. I
>> have configured port forwarding for example port 25, port 443, port 110
>> etc to the appropriate box. I can receive e-mail on my Exchange Server
>> 2003 without any difficulty but whenever I send email out from one of my
>> workstations, the email ends up in the queue on the server and just sits
>> there. Anything I am missing here?
>> Next, I am a little bit confused as to what kind of route configuration I
>> need to setup between my internal LAN and the DSL IP range or if one would
>> like to call it the DMZ. I am not sure if I can call the area of the DSL IP
>> range as the DMZ. Or would that area be part of the External network? My plan
>> is to add a 3rd NIC and assign the IP range 10.0.0.0 <http://10.0.0.0> thru
>> 10.x.x.254 and call that zone the DMZ. I haven't done this yet so I am not
>> worry about it now. My main problem is how to configure the ISA firewall
>> again to let the email go out from my Exchange Server 2003 box. I just had
>> this problem when I switched from my cable provider to the DSL provider. I
>> never had this problem with my cable box which wasn't given out any private
>> IP addresses out.
>>
>> I am also having problem making my verizon mail go out from my internal LAN
>> from one of my machine which has Outlook 2003. Here are the errors I get from
>> this workstation:
>>
>> 1). Find incoming mail server (POP3): Outlok could not connect to the
>> incoming mail server (POP3). The problem could be the server name or port, or
>> your server may not support SSL. Verify your port and SSl settings in More
>> Settings under the Advanced tab.
>>
>> 2). Find outgoing mail server (SMTP): Outlok could not connect to the
>> outgoing mail server (POP3). The problem could be the server name or port, or
>> your server may not support SSL. Verify your port and SSl settings in More
>> Settings under the Advanced tab.
>>
>> 3). Log onto incoming mail server (POP3): The specified server was found, but
>> there was no response from the server. Please verify that th eport and SSL
>> informatoin is correct. To access these settings close the dialog, then click
>> More Settings and click on the Advanced tab.
>>
>> 4). Find incoming mail server (POP3): Outlok could not connect to the
>> incoming mail server (POP3). The problem could be the server name or port, or
>> your server may not support SSL. Verify your port and SSl settings in More
>> Settings under the Advanced tab.
>>
>> Any help will be greatly appreciated.
>>
>> Thanks.
>>
>> Tee
>>
>> All mail to and from this domain is GFI-scanned.
>>
>>
>>
>>
>>
>>
>>
>
Other related posts:
