Outlook and ISA Server, DNS Error?

Hello all, this is urgent and I appreciate the help!

I have SBS 2000 installed with ISA 2000 running. All my clients can get out to the internet and communicate with everyone else's machines on the internal network with no problems, i.e. server shares and printers, and everything is rosey as far as that's concerned.

The problem I am having is routing Outlook Internet Email through the Firewall to send and retreive email through an external provider on the client machines.  I am also unable to ping or telnet to the pop servers on the external domain(internet) from the client machines.   I have read numerous articles on this and created the IP Packet filters for ports 80, 25, 110, etc. to no avail.  The server itself has no problems with connecting to the pop and smtp servers via outlook or telnet.

Now I'm leaning towards maybe my DNS setup for the private network might not be correct.  If it's not the DNS can someone help?  I have listed the setup below in the order of connections, can anyone tell me what's wrong?  The SBS contains two NICs, one for external, one for internal and the SBS is also functioning as the DNS for the internal domain.

 ISP
 ISP Cable Router
 External Network Card on SBS Server Configured with ISP Static Address, subnet, gateway and DNS Servers
 Internal Network Card on SBS Server Configured with:
                                              IP:           192.168.1.10
                                              Subnet:    255.255.255.0
                                              Gateway:  192.168.1.1
                                              DNS:        192.168.1.10
Internal Router:
                                              IP:            192.168.1.1
                                              Subnet:     255.255.255.0
                                              Gateway:   192.168.1.1
                                              DNS:         192.168.1.10
Client Machines:
                                              IP:            192.168.1.X
                                              Subnet:     255.255.255.0
                                              Gateway:   192.168.1.1
                                              DNS:         192.168.1.10


If everything looks ok, can someone please guide me further, my clients need this access ASAP.

Thanks,
rkozel
rkozelAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

WeHeCommented:
you have to configure the ISP DNS servers as forwarders in your internal DNS.
you should point your SBS's DNS Settings to itself too, the forwarder should do the internet resolution.
if your SBS (DC) points to another DNS, you will have troubles sometimes.
0
WeHeCommented:
when you point your external NIC to use internal DNS dont forget to uncheck "Register this connection in DNS" for this NIC in TCPIP-DNS-Settings.
0
rkozelAuthor Commented:
Thank you, will give this a try this afternoon.  I apologize for sounding a little nieve here, but, how do I configure the ISP DNS servers as forwarders?  Can you tell me what settings to use for the internal and external nic's?
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

WeHeCommented:
one correction:
External NIC can stay as it is. internal too.
just add the forwarder to your DNS Server:
Open DNS Management -> left click on your server -> right click your server -> properties -> forwarders -> Add the ISP DNS Servers at "Selected domain's forwarder IP address list:"
0
rkozelAuthor Commented:
Hi, I checked this just now and the forwarders are already there.  Anything else I can try?
0
WeHeCommented:
"telnet YOUR.MAIL(SMTP)SERVERS.NAME 25" (e.g. "telnet mail.mydomain.com 25") does not work?
"telnet telnet mail.mydomain.com 110" does not work too?
are you sure, you have configured ISA to let these ports go out on TCP?
what does "tracert mail.yourdomain.com" report?
0
rkozelAuthor Commented:
Well, it resolves the IP address to the remote server, but it looks like it's getting stuck at the router?!?  Won't go past the 192.168.1.1, destination net unreachable
0
WeHeCommented:
then your router is not forwarding traffic.
two ways:
1) configure routing and remote access for routing and set your ISA server as the default gateway for your clients.
2) configure your router (192.168.1.1) to do NAT for your clients.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rkozelAuthor Commented:
AMEN!  Thank you soo much for your help.  You helped me pinpoint it to the router and I was able to determine that the router was set to be used as an internet gateway.  That's why the requests were stopping there.  I was able to reconfigure it as a pass through router and reset all the clients to use 192.168.1.10 as the gateway, and a half hour later, Viola!  

Everything works fine.  Thank you so much again!  :-)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Forefront ISA Server

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.