Solved

Configure ISA Server 2004 to Allow Exchange and Windows Logon RPC Traffic

Posted on 2006-06-12
3
547 Views
Last Modified: 2008-05-08
Hi All,

I am currently having a problem getting my Exchange 2003 Front End server to start its services when separated from my corporate network by an ISA 2004 server. The error is always RPC server unavailable. I have enabled the RPC protocol (all interfaces), LDAP, Kerberos, CIFS services. I know it is an ISA config issue since I have tried to bypass the ISA and start the services. Everything worked normally when the bypass was in effect. If anyone has any idea as to what I need to do it would be greatly appreciated if they shared it with me.

Thank you.
0
Comment
Question by:sandvine
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 16891865
To start with,
Open the ISA GUI.

Click on monitoring - logging.
Click on start query
watch the logs when you try and start the services.

Any deny messages seen?
0
 

Author Comment

by:sandvine
ID: 16895713
Thank you for pointing me in the right direction. I am new to ISA, I didn't know it had the ability to display realtime packet filtering decisions. As it turns out. The problem was the fact that my Enterprise Policy was denying RPC traffic despite the fact that there was an array rule which allowed it. I created an enterprise level rule to allow RPC traffic to and from specific servers. Everything works now.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16896229
Thank you :)
0

Featured Post

What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question