Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Configure ISA Server 2004 to Allow Exchange and Windows Logon RPC Traffic

Posted on 2006-06-12
3
Medium Priority
?
574 Views
Last Modified: 2008-05-08
Hi All,

I am currently having a problem getting my Exchange 2003 Front End server to start its services when separated from my corporate network by an ISA 2004 server. The error is always RPC server unavailable. I have enabled the RPC protocol (all interfaces), LDAP, Kerberos, CIFS services. I know it is an ISA config issue since I have tried to bypass the ISA and start the services. Everything worked normally when the bypass was in effect. If anyone has any idea as to what I need to do it would be greatly appreciated if they shared it with me.

Thank you.
0
Comment
Question by:sandvine
  • 2
3 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 16891865
To start with,
Open the ISA GUI.

Click on monitoring - logging.
Click on start query
watch the logs when you try and start the services.

Any deny messages seen?
0
 

Author Comment

by:sandvine
ID: 16895713
Thank you for pointing me in the right direction. I am new to ISA, I didn't know it had the ability to display realtime packet filtering decisions. As it turns out. The problem was the fact that my Enterprise Policy was denying RPC traffic despite the fact that there was an array rule which allowed it. I created an enterprise level rule to allow RPC traffic to and from specific servers. Everything works now.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16896229
Thank you :)
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Integration Management Part 2
Screencast - Getting to Know the Pipeline

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question