Solved

setting up ISA to allow smtp traffic to exchange 2003

Posted on 2009-05-12
2
485 Views
Last Modified: 2012-06-21
I have a new installation for ISA 2006 and I can't get it to work at all right now.  It is frustrating me.  This is what I need and this is how I set it up.  I need to have email sent from a filtering service accepted and allowed to access our exchange server, SMTP protocol and it will be coming in on two networks into the building, one a T1 and another is a high Speed DSL.

Internal network = 192.168.1.0/24
Exchange Private = 192.168.1.10
External = ISA default setting (two networks, 208.41.53.0/24 and 57.160.12.80/29
Exchange Public 1 = 208.41.53.50
Exchange Public 2 = 75.160.12.83
Address Range MXLogic = 204.50.64.0/24
NAT for SMTP-Exchange1 = Exchange Public 1 to Exchange Private
NAT for SMTP-Exchange2 = Exchange Public 2 to Exchange Private
Access Rule SMTP-inbound
      Protocol = SMTP Server
      Source = MXLogic
      Destination = Exchange Public 1 and Exchange Public 2
      Allow

Outbound email is working with the All traffic outbound is allowed rule.

The reason is that the email is coming from a filtering service MXLogic and we only want to accept the email from them.  this is setup in a SonicWall firewall, an really old one and it is not always working right. So we are replacing it with a new one.
I think that is it.  Doing this from memory. Well, I get the Connection Initiated log then a closed connection, and no email delivered.
0
Comment
Question by:ITSpecialistAZ1
2 Comments
 
LVL 8

Expert Comment

by:thetmanvn
ID: 24372027
1. Did you use Server Publishing Rule for Inbound SMTP?

2. Follow this guide to publish your SMTP Server

http://computing.fusion13.com/ISA/Publishing-Exchange-Email-Through-ISA-Server.shtml

3. Follow this details guide from Microsoft for publishing your entire Exchnage Services

4. It doesn't matter that you have externals networks and use MXLogic to filter before it, because it's only addon one field in the access rule (Src IP Address of Inbound SMTP)

Hope this help
0
 
LVL 14

Accepted Solution

by:
Raj-GT earned 500 total points
ID: 24372672
You have to change the destination on your Server publishing rule to point to the local Exchange Servers' IP.

The server publishing rule should look like this...

Action: Allow
Traffic: SMTP Server
From: MXLogic
To: 192.168.1.10
Networks: Check both the T1 and DSL interfaces here.

You will also have to make sure your Exchange server is using ISA as it's default gateway.

Hope this helps.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
So the following errors occurs in 2 ways that I am aware of at this stage, and you receive one of the following error messages: ERROR 1. When trying to save a rule: No Web listener is specified for the Web publishing rule Autodiscovery Publishin…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question