Solved

setting up ISA to allow smtp traffic to exchange 2003

Posted on 2009-05-12
2
484 Views
Last Modified: 2012-06-21
I have a new installation for ISA 2006 and I can't get it to work at all right now.  It is frustrating me.  This is what I need and this is how I set it up.  I need to have email sent from a filtering service accepted and allowed to access our exchange server, SMTP protocol and it will be coming in on two networks into the building, one a T1 and another is a high Speed DSL.

Internal network = 192.168.1.0/24
Exchange Private = 192.168.1.10
External = ISA default setting (two networks, 208.41.53.0/24 and 57.160.12.80/29
Exchange Public 1 = 208.41.53.50
Exchange Public 2 = 75.160.12.83
Address Range MXLogic = 204.50.64.0/24
NAT for SMTP-Exchange1 = Exchange Public 1 to Exchange Private
NAT for SMTP-Exchange2 = Exchange Public 2 to Exchange Private
Access Rule SMTP-inbound
      Protocol = SMTP Server
      Source = MXLogic
      Destination = Exchange Public 1 and Exchange Public 2
      Allow

Outbound email is working with the All traffic outbound is allowed rule.

The reason is that the email is coming from a filtering service MXLogic and we only want to accept the email from them.  this is setup in a SonicWall firewall, an really old one and it is not always working right. So we are replacing it with a new one.
I think that is it.  Doing this from memory. Well, I get the Connection Initiated log then a closed connection, and no email delivered.
0
Comment
Question by:ITSpecialistAZ1
2 Comments
 
LVL 8

Expert Comment

by:thetmanvn
ID: 24372027
1. Did you use Server Publishing Rule for Inbound SMTP?

2. Follow this guide to publish your SMTP Server

http://computing.fusion13.com/ISA/Publishing-Exchange-Email-Through-ISA-Server.shtml

3. Follow this details guide from Microsoft for publishing your entire Exchnage Services

4. It doesn't matter that you have externals networks and use MXLogic to filter before it, because it's only addon one field in the access rule (Src IP Address of Inbound SMTP)

Hope this help
0
 
LVL 14

Accepted Solution

by:
Raj-GT earned 500 total points
ID: 24372672
You have to change the destination on your Server publishing rule to point to the local Exchange Servers' IP.

The server publishing rule should look like this...

Action: Allow
Traffic: SMTP Server
From: MXLogic
To: 192.168.1.10
Networks: Check both the T1 and DSL interfaces here.

You will also have to make sure your Exchange server is using ISA as it's default gateway.

Hope this helps.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Allow Traffic through Forefront TMG 14 123
Activesync not working after drainstop NLB HT CAS server ? 2 509
RDP to TMG Firewall 6 295
Email forensics? 6 201
I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question