Solved

My POP3 Server rule stopped working on ISA 2004 connecting to Exchange Server 2003

Posted on 2008-10-30
5
272 Views
Last Modified: 2012-05-05
I recently switched ISP's and consequently got new IP addresses so during the overlap period I built a new ISA2004 machine to replace my existing one (configuring the new one with the new IP addresses) and when cutover to the new service everything worked.

For awhile.

Now, suddenly, my POP3 Server rule fails to allow Outlook Express clients on the outside to connect to the inside mail server.  The error in outlook express is "unexpectedly terminated the connection" and on the ISA server, in logging, I see a connection made and then closed right away.

Any ideas?

Thanks.
0
Comment
Question by:gateguard
  • 3
  • 2
5 Comments
 
LVL 19

Expert Comment

by:Stephen Manderson
ID: 22843903
Can you please post the details of the access rule being used to connect to the POP.

Also did you publish the mail server or has the rule been created manually?

Lastly can you please post some of the error logs relating to this issue.

Regards
Steve
0
 

Author Comment

by:gateguard
ID: 22845004
I used the server publishing wizard to create a POP3 Server.
General tab: POP3Server, enabled
Action: Allow, Log requests
Traffic: POP3 Server
From: External
To: 192.168.150.25, requests appear to come from original client
Networks: External, <correct outside address>
Schedule: Always

As far as errors:

In outlook express: "...server unexpectedly terminated the connection..."

On the ISA Server:

No errors but when I query the log file on this rule I see a series of initialized connection then closed connection with no indication why.

There are no events in the windows event log.
0
 

Author Comment

by:gateguard
ID: 22845007
Also, running the Best Practices Analyzer doesn't report anything wrong with this rule.
0
 
LVL 19

Accepted Solution

by:
Stephen Manderson earned 500 total points
ID: 22845688
Are you able to telnet to the server on the POP port?

Regards
Steve
0
 

Author Comment

by:gateguard
ID: 22852517
I found the problem.  It actually had nothing to do with my POP3 server rule.  A few days ago I set up a secure ftp server using a custom protocol and I misunderstood something I read about secure ftp wanting to have access to a large number of upper-range ports for random connections (or something like that) and I added a wide range of ports in my user-defined protocol.  Much too wide a range.  When I finally got around to doing a netstat -an and saw all the ports my machine was listening on, it clued me in to the problem.

So I deleted that rule, and that protocol and now everything is working.

I think the server was just bogged down with too much darn listening.  Anyway, to answer your question, yes, now I can telnet to the server on the POP port and now my pop mail is flowing.

Thanks for your help.
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
A ISA2006 Replacement suggestion 1 321
Issue with ISA 2006 Automatic Detection 5 632
ISA Replacement 8 117
Upgrade TMG 2010 to Latest roll up 5 2 180
Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question