howto configure isa 2006 single nic with exchange 2003 rpc/http

Posted on 2009-02-18
Last Modified: 2012-08-14
Can someone point me in the right direction in order to get this to work. I have the following setup. Isa 2006 with single nic in dmz, Exchange 2003 front-end on the inside and 2 exchange mailbox servers. I have one listener on the isa that uses FBA with AD. All services are working except the rpc.

Isa log reports the following.
RPC_IN_DATA 64 The specified network name is no longer available
RPC_OUT_DATA 503 Service Unavailable

Exchange front-end
all log entries related to rpc ends with MSRPC 200

Question by:sbucks
    LVL 15

    Expert Comment

    how on earth do you expect to use ISA to forward RPC/HTTP when its only got one NIC?? your clearly using a different device to allow inbound traffic into your environment, so port forward 443 to your exchange fron end on that device.

    Author Comment

    Thanks for your reply, I used the following article as a guide

    In that scenario the ISA only has one nic, maybe I am missing something.
    LVL 15

    Expert Comment

    hurumph - you are correct....
    i just dont understand why if your ISA 2006 isnt your edge box, why you would bother to re-direct traffic from your firewall to your ISA, so it can be re-directed to your exchange CAS. Pre-auth... and i spose ISA gives your more flexibility around your re-directs etc... but yer, i'd always make the ISA a dual homed box, give it one (or more) external IPs forwarded from the external firewall and have a full ISA config.
    Looks like im missing something too - some maybe keith can advise why this is a way to go ?

    Accepted Solution

    I was able to solve my problem by disabling the http/https compression filter on the isa, also my rpcproxy/validports config on the exchange FE was not set correctly by the GUI.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    There are three types of ISA client that can be configured - these can be individual clients or multiples of a client on each PC or server SecureNAT. A SecureNAT client for ISA server is a client machine, work station or server, that has its defa…
    Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now