Problem Sending And Receiving Email Through ISA Server Using Outlook

Hello,

     OK. First, I am very new to ISA Server, but even worse on Linux firewalls. So please bear with me. If I do not provide enough info please let me know.

I have two firewalls. One ISA and one Linux. The Linux firewall is old, not up to date, and we just plain do not want it anymore.

My issue is that when the two firewalls are up everything works fine. Email, Web, Our published web server, Vpn....and so on. When the Linux firewall is down everything still works fine.....for a while.

Today I shutdaown the Linux server around lunch time. I went around and evryone was able to send and receive email. I was happy! After a couple of hours I started receiving phone calls. One by one people were unable to send and receive email. After five people calling me I started the Linux server back up and everything was fine. I don't understand why some people were able to send/receive and others were not. All machines are setup exactly the same.

By the way the error I am receiving for Outlook when they do not work is "The specified server was found, but could not get a response." Does this sound like a packet filter problem? If so I have one set for Incoming Pop Protocol.

Any help is appreciated,

John
LVL 1
CorrAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MCSE-2002Commented:
do you have both servers acting as default gateways on your local network?

If the linux server is on 192.168.0.1 and the other is on 192.168.0.2, then when you kill one, those who have that gateway programmed in tcp/ip will be dead in the water.
They have access to local net, but no other networks (i.e. internet).

try doing a "tracert -d {mailserverip}" from a dos prompt from one of the dead machines.

then do a tracert -d mailserverip from a good one. Does the network use a different route?

try "telnet mailserveripaddress 25" from a dos prompt. Do you get a message like "220 mail.com smtp server ready.."
if you do, then you do have access on port 25, it is another problem.

how is your network set up?

<--Internet---|external_FW|--|dmz|--|internal_FW|--LAN-->

if so, both firewalls must be operational, or no packets will go.

Hope this gives you some ideas
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
CorrAuthor Commented:
Hey MCSE-2002,

     To answer you first question no. The TCP/IP settings on a problem client are the same as the working clients.

I cannot to a tracert on a dead one yet as currently I do not want to interupt the business. I will try after hours.

When I do a tracert on my machine I did notice that it is going through the Linux server, which is what I don't want.

I will try the Telnet, but I would like to see if I can get the machines to go through the ISA.

My Network is set like this:

Internet--|ISA Firewall|--LAN
                |
Internet--|Linux Firewall|--LAN

So your only going through one firewall to get to the LAN. Both walls have thier own Static WAN IP.

So I guess I need to find out why the client is going through the Linux server to get out. Any Ideas. TCP/IP Settings are setup properly to go through the ISA.

Thanks,

John









Internet
0
huckeyCommented:
do you have the ISA firewall clients installed ?
0
TroutOzCommented:
Just a stab in the dark here.

How are you routing? Are you using Static or some routing protocol like RIP? If you are routing dynamically then could it be that the ISA box is loosing the routing table after a while because it is using the routes advertise by your linux box?

Is it just your email failing? If so is it inbound and out bound email? is your mail server inside or outside the firewall? Could your linux box have an MX record for your domain pointing to it?

I have seen cases where the email gets delivered to the firewall and then the firewall passes it onto the real mail server.
0
CorrAuthor Commented:
MCSE-2002,

Although your answer didn't quite pinpoint the exact problem, it did however help me figure out what was wrong. So I am going to give you the points anyway.

The problem was that the clients must have been receiving the TCP/IP settings or just the default gateway IP from the DHCP server. I could have sworn that I changed that setting on the DHCP, but I guess I was wrong. So. I changed the default gateway on the DHCP server and it solved my problem. I have been running without the Linux server now and everything is peachy.

Thanks,

John
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.