glottis
asked on
ISA 2004 with Mail and FTP error
Hi,
I have ISA 2004 installed on one machine (192.168.1.2). It is connected to a domain whose domain controller is win2003 (192.168.1.3). ISA server is connected to the internet directly on a static ip (n.n.n.n).
Web browsing and filtering are working fine. I have MDaemon installed on DC, and it is unable to connect to any internet domains like mail.yahoo.com or mail.gmail.com or mail.anydomain.com.
I cannot telnet on port 25 or 110 either. If I connect to the internet directly then everything is working, the problem is on the ISA end. My mail host is mail.mydomain.com. If I try to connect to that using a mailserver or outlook or telnet, then I cannot. But if I connect to it using a browser then I am presented with a default page.
The same thing is with FTP as well.
I recently upgraded ISA 2000 to ISA 2004, and have started experiencing these problems. On 2000 you could do everything flawlessly but here I can't seem to figure out anything.
In my firewall settings in ISA I have enabled to allow all outbound traffic from all networks to all networks.
I hope you understand my problem and would help me out.
Thanks,
Regards.
ASKER
OK, the main problem still is that my MDaemon is still not able to connect. Maybe it is because DNS is not allowed by ISA.
You are not allowing DNS requests. What probably happens is that ISA works perfectly as a web proxy, which means ISA server itself asks DNS requests and gets replies. NATted client machines however get no DNS response and as such cannot find any servers outside of your network.
Try to connect to your mail and ftp server by using the server's IP address and see if this works. If so, you know that you are not blocking those client protocols, but the DNS system.
http://www.isaserver.org/tutorials/DNS_for_ISA_Server.html
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/configuring_dns.mspx
ASKER
whermans, thanks for the input.
My problem is solved and everything is working fine now. keith_alabaster's answer helped me a lot that my settings were making ISA as a gateway. I changed the networks from internal to external and mail, ftp, net, everything seems to be working.
Thanks.
Thanks. :)
ISA can work two ways in respect to DNS. There are also two considerations for DNS that have to be thrown into the mix....
DNS operates in respect to querying by using udp port 53. This has to be enabled either from local host to external, internal+local host to external or just internal to external; this depends on whether you resolve your queries from the domain controllers using forwarders/root hints OR if you are just using a work group and you have asked ISA to do the resolving.
Generally speaking, you do not allow ISA to issue DNS requests. You make ISA query your internal DNS servers and they carry out the dns requests to the outside.
Bottom line of that waffle is that tcp port 53 should be allowed from internal to external.
The second area is when you are hosting your own DNS and you need to perform zone transfers. Zone transfers operate on port 53 also but using TCP rather than UDP.
Hope this helps but well done anyway.
Regards
Keith
ASKER
I did what you asked, and now I was able to test Outlook settings to send and receive email messages. This is the monitoring done for a minute or so just for your knowledge. One thing is, why is port 53 denied?
I will do some more testing and then give you information.
Original Client IP Client Agent Authenticated Client Service Referring Server Destination Host Name Transport HTTP Method MIME Type Object Source Source Proxy Destination Proxy Bidirectional Client Host Name Filter Information Network Interface Raw IP Header Raw Payload GMT Log Time Source Port Processing Time Bytes Sent Bytes Received Cache Information Error Information Log Time Client IP Destination IP Destination Port Protocol Action Rule Result Code HTTP Status Code Client Username Source Network Destination Network URL Server Name Log Record Type
192.168.1.2 - TCP - - Yes - 5/10/2006 6:56:17 AM 2018 69000 4642 40132 0x0 0x0 5/10/2006 11:56:17 AM 192.168.1.2 192.168.1.3 8080 Unidentified IP Traffic Closed Connection 0x80074e21 FWX_E_ABORTIVE_SHUTDOWN Internal Local Host - WEBSERVER Firewall
192.168.1.2 - TCP - - Yes - 5/10/2006 6:56:22 AM 2017 76000 9586 77626 0x0 0x0 5/10/2006 11:56:22 AM 192.168.1.2 192.168.1.3 8080 Unidentified IP Traffic Closed Connection 0x80074e21 FWX_E_ABORTIVE_SHUTDOWN Internal Local Host - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:31 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:31 AM 192.168.1.2 202.38.58.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:36 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:36 AM 192.168.1.2 202.38.58.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:40 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:40 AM 192.168.1.2 192.36.148.17 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:42 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:42 AM 192.168.1.2 192.36.148.17 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:44 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:44 AM 192.168.1.2 128.8.10.90 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:46 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:46 AM 192.168.1.2 192.203.230.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:47 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:47 AM 192.168.1.2 202.38.58.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - TCP - - Yes - 5/10/2006 6:56:48 AM 2083 0 0 0 0x0 0x0 5/10/2006 11:56:48 AM 192.168.1.2 192.168.1.3 1745 Unidentified IP Traffic Initiated Connection 0x0 Internal Local Host - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:49 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:49 AM 192.168.1.2 202.38.58.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 OUTLOOK.EXE:3:5.2 - TCP - - No - 5/10/2006 6:56:49 AM 2084 250 0 0 0x0 0x0 5/10/2006 11:56:49 AM 192.168.1.2 66.197.234.69 25 mailerOUT Initiated Connection DC1 0x0 BPO\Administrator Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:50 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:50 AM 192.168.1.2 198.41.0.4 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:51 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:51 AM 192.168.1.2 202.38.58.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:52 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:52 AM 192.168.1.2 192.203.230.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:54 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:54 AM 192.168.1.2 192.36.148.17 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 OUTLOOK.EXE:3:5.2 - TCP - - No - 5/10/2006 6:56:56 AM 2084 6437 544 358 0x0 0x0 5/10/2006 11:56:56 AM 192.168.1.2 66.197.234.69 25 mailerOUT Closed Connection DC1 0x80074e20 FWX_E_GRACEFUL_SHUTDOWN BPO\Administrator Internal Internet - WEBSERVER Firewall
192.168.1.2 OUTLOOK.EXE:3:5.2 - TCP - - No - 5/10/2006 6:56:56 AM 2085 0 0 0 0x0 0x0 5/10/2006 11:56:56 AM 192.168.1.2 66.197.234.69 110 POP3 Initiated Connection DC1 0x0 BPO\Administrator Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:56 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:56 AM 192.168.1.2 192.5.5.241 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:58 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:58 AM 192.168.1.2 192.203.230.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 OUTLOOK.EXE:3:5.2 - TCP - - No - 5/10/2006 6:56:59 AM 2085 3875 0 0 0x0 0x0 5/10/2006 11:56:59 AM 192.168.1.2 66.197.234.69 110 POP3 Closed Connection DC1 0x80074e20 FWX_E_GRACEFUL_SHUTDOWN BPO\Administrator Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:00 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:00 AM 192.168.1.2 128.8.10.90 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:02 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:02 AM 192.168.1.2 128.8.10.90 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:04 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:04 AM 192.168.1.2 128.8.10.90 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:10 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:10 AM 192.168.1.2 202.38.58.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:15 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:15 AM 192.168.1.2 198.41.0.4 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:19 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:19 AM 192.168.1.2 192.36.148.17 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:22 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:22 AM 192.168.1.2 202.38.58.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:23 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:23 AM 192.168.1.2 202.38.58.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:23 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:23 AM 192.168.1.2 202.38.58.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:23 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:23 AM 192.168.1.2 192.203.230.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:26 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:26 AM 192.168.1.2 202.38.58.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:28 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:28 AM 192.168.1.2 192.203.230.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:29 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:29 AM 192.168.1.2 202.38.58.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:31 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:31 AM 192.168.1.2 202.38.58.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:31 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:31 AM 192.168.1.2 198.41.0.4 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:32 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:32 AM 192.168.1.2 192.36.148.17 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:34 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:34 AM 192.168.1.2 192.5.5.241 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:35 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:35 AM 192.168.1.2 192.36.148.17 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:57:36 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:57:36 AM 192.168.1.2 198.41.0.4 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
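One way to triage the firewall log above, as an added example that is not part of the original thread: it groups rows by action, transport, port and rule, following the column order in the log's own header line, and checks whether UDP 53 is denied while connections on other ports are opened. The function names are this example's own; the sample rows are copied from the posted log.

```python
import re
from collections import defaultdict

# Rows copied verbatim from the log posted above (nothing here is constructed).
SAMPLE = r"""
192.168.1.2 - TCP - - Yes - 5/10/2006 6:56:17 AM 2018 69000 4642 40132 0x0 0x0 5/10/2006 11:56:17 AM 192.168.1.2 192.168.1.3 8080 Unidentified IP Traffic Closed Connection 0x80074e21 FWX_E_ABORTIVE_SHUTDOWN Internal Local Host - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:31 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:31 AM 192.168.1.2 202.38.58.10 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:40 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:40 AM 192.168.1.2 192.36.148.17 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 OUTLOOK.EXE:3:5.2 - TCP - - No - 5/10/2006 6:56:49 AM 2084 250 0 0 0x0 0x0 5/10/2006 11:56:49 AM 192.168.1.2 66.197.234.69 25 mailerOUT Initiated Connection DC1 0x0 BPO\Administrator Internal Internet - WEBSERVER Firewall
192.168.1.2 - UDP - - No - 5/10/2006 6:56:50 AM 1044 0 0 0 0x0 0x0 5/10/2006 11:56:50 AM 192.168.1.2 198.41.0.4 53 DNS Denied Connection DC1 0x800733f5 Internal Internet - WEBSERVER Firewall
192.168.1.2 OUTLOOK.EXE:3:5.2 - TCP - - No - 5/10/2006 6:56:56 AM 2085 0 0 0 0x0 0x0 5/10/2006 11:56:56 AM 192.168.1.2 66.197.234.69 110 POP3 Initiated Connection DC1 0x0 BPO\Administrator Internal Internet - WEBSERVER Firewall
""".strip().splitlines()

# After the second timestamp, fields follow the header order shown on the page:
# Client IP, Destination IP, Destination Port, Protocol, Action, Rule, Result Code
ROW = re.compile(
    r"\b(?P<transport>TCP|UDP)\b.*?"
    r"\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M "
    r"(?P<src>\d+(?:\.\d+){3}) (?P<dst>\d+(?:\.\d+){3}) (?P<port>\d+) "
    r"(?P<proto>.+?) (?P<action>Denied|Initiated|Closed) Connection"
    r"(?: (?P<rule>(?!0x)\S+))? (?P<code>0x[0-9a-fA-F]+)"
)

def parse(line):
    """Return the fields of one log row as a dict, or None if it does not match."""
    m = ROW.search(line)
    return m.groupdict() if m else None

def summarize(lines):
    """Map (action, transport, port, rule) -> sorted list of destination IPs."""
    groups = defaultdict(set)
    for row in filter(None, map(parse, lines)):
        key = (row["action"], row["transport"], int(row["port"]), row["rule"])
        groups[key].add(row["dst"])
    return {key: sorted(dsts) for key, dsts in groups.items()}

def dns_only_blocked(lines):
    """True when UDP 53 is denied while connections on other ports are opened."""
    keys = summarize(lines)
    denied_dns = any(k[0] == "Denied" and k[1:3] == ("UDP", 53) for k in keys)
    opened_other = any(k[0] == "Initiated" and k[2] != 53 for k in keys)
    return denied_dns and opened_other

if __name__ == "__main__":
    for key, dsts in summarize(SAMPLE).items():
        print(key, dsts)
    print("DNS denied, other ports open:", dns_only_blocked(SAMPLE))
```

In the posted log, 198.41.0.4, 192.5.5.241 and 192.36.148.17 among the denied destinations are DNS root server addresses, which is the pattern a resolver working from root hints produces.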