• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 274
  • Last Modified:

ISA 2000 blocking port 25 and 110

I've just installed ISA 2000 on Server 2003 and everything web wise is working hunkydorey, but the emails from Exchange are being blocked by ISA server now.  I have opened all protocols and ports (i think) and the logs are still reporting them as blocked?!?!

The setup is 2 nics in the server
internal nic: 192.168.16.1
external nic: 192.168.0.1

Sample Log:
date              time         source-ip       destination-ip protocol     param#1     param#2    filter-rule   interface
2006-05-03   10:15:36   192.168.0.1   x.x.x.x           Tcp           11291          25              BLOCKED   192.168.0.1
2006-05-03   10:15:42   192.168.0.1   x.x.x.x           Tcp           11291          25              BLOCKED   192.168.0.1

Any help would be apreciated.
0
SteSi
Asked:
SteSi
  • 5
  • 3
1 Solution
 
Keith AlabasterCommented:
Are you talking about traffic coming in from the Internet to the internal server?
If yes, have you published the servers under publishing rules?
You will need two.

One for publishing a mail server (will deal with port 25)
One for publishing a server        (specify port 110 for pop3)
0
 
SteSiAuthor Commented:
No, this is problems with exchange on the same server that can't process the incoming\outgoing queues.  So this is internal i.e. the exchange server is trying to retrive email (from a catch all mailbox) using the pop3 connector and trying to send them out using the smtp connector.
0
 
Keith AlabasterCommented:
So on your outgoing rules, have you allowed all protocols or just http/https?

If http/https selected only, add 25 and 110 to the selected protocol list.
If all protocols already selected, please advise.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
Keith AlabasterCommented:
Just a question, is Exchange actually on the ISA box?
If it is, you need to add local host to the 'from' box in the outgoing rule.
0
 
SteSiAuthor Commented:
I assume your talking about 'Protocol rules' under 'Access policy' (sorry not totally up to date with ISA) i have an allow rule for all ip traffic and applies to any traffic, i this what you mean?
0
 
Keith AlabasterCommented:
Yes., it is.
Is ISA server and Exchange server on the same physical server box?
0
 
SteSiAuthor Commented:
Yes it is on the same server,

I solved the problem, i had 4 rules setup, 2 for smtp (outgoing and incoming) and 2 for pop3 (outgoing and incoming) but i set all 4 rules to have fixed local ports instead of the outgoings to use remote ports!

Cheers for all your help

points awarded for continued help!
0
 
Keith AlabasterCommented:
Thank you very much.

Regards
Keith
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now