Solved

setting up ISA to allow smtp traffic to exchange 2003

Posted on 2009-05-12
2
482 Views
Last Modified: 2012-06-21
I have a new installation for ISA 2006 and I can't get it to work at all right now.  It is frustrating me.  This is what I need and this is how I set it up.  I need to have email sent from a filtering service accepted and allowed to access our exchange server, SMTP protocol and it will be coming in on two networks into the building, one a T1 and another is a high Speed DSL.

Internal network = 192.168.1.0/24
Exchange Private = 192.168.1.10
External = ISA default setting (two networks, 208.41.53.0/24 and 57.160.12.80/29
Exchange Public 1 = 208.41.53.50
Exchange Public 2 = 75.160.12.83
Address Range MXLogic = 204.50.64.0/24
NAT for SMTP-Exchange1 = Exchange Public 1 to Exchange Private
NAT for SMTP-Exchange2 = Exchange Public 2 to Exchange Private
Access Rule SMTP-inbound
      Protocol = SMTP Server
      Source = MXLogic
      Destination = Exchange Public 1 and Exchange Public 2
      Allow

Outbound email is working with the All traffic outbound is allowed rule.

The reason is that the email is coming from a filtering service MXLogic and we only want to accept the email from them.  this is setup in a SonicWall firewall, an really old one and it is not always working right. So we are replacing it with a new one.
I think that is it.  Doing this from memory. Well, I get the Connection Initiated log then a closed connection, and no email delivered.
0
Comment
Question by:ITSpecialistAZ1
2 Comments
 
LVL 8

Expert Comment

by:thetmanvn
ID: 24372027
1. Did you use Server Publishing Rule for Inbound SMTP?

2. Follow this guide to publish your SMTP Server

http://computing.fusion13.com/ISA/Publishing-Exchange-Email-Through-ISA-Server.shtml

3. Follow this details guide from Microsoft for publishing your entire Exchnage Services

4. It doesn't matter that you have externals networks and use MXLogic to filter before it, because it's only addon one field in the access rule (Src IP Address of Inbound SMTP)

Hope this help
0
 
LVL 14

Accepted Solution

by:
Raj-GT earned 500 total points
ID: 24372672
You have to change the destination on your Server publishing rule to point to the local Exchange Servers' IP.

The server publishing rule should look like this...

Action: Allow
Traffic: SMTP Server
From: MXLogic
To: 192.168.1.10
Networks: Check both the T1 and DSL interfaces here.

You will also have to make sure your Exchange server is using ISA as it's default gateway.

Hope this helps.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

In Africa (and potentially where you live…), reliability of ISPs is questionable.  With the increased reliance on e-mail as one of the primary forms of communication, the costs to business are significant based on interuption of ISP Connectivity.  T…
Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now