Dual-homed Server and SMTP

Dual-homed Server and SMTP

Post by Lee Ston » Thu, 20 Mar 2003 03:41:29



We have a dual-home SBS. The server was originally setup with one of the
NICs disabled. The server has a private IP address 192.168.0.10 with the
router providing NAT on NIC #1. I asked our carrier for a static IP for the
server so that we could setup a VPN. They pointed a public address at
192.168.0.10. Since I did not have the firewall configured (we were wide
open - I did not expect the carrier to respond so quickly), I disabled the
NIC with 192.168.0.10 and unplugged it from my LAN switch. I enabled the
NIC#2 and assigned it to 192.168.0.9. These addresses are excluded from the
DHCP range.

My workstations could connect to the server without any problems, but mail
destined outside the LAN stuck in the SMTP queue. I reconfigured my SMTP
server with external DNS servers, and that solved the problem for the
workstations running XP Pro and Office XP. I still have one user running W2K
Pro and Outlook 2000. Her messages continued to stick in the queue. I
finally solved the problem by changing the order of the transport in Outlook
2000 with "Intenet mail" first. The messages no longer stick in the queue.
Wasn't the registration of the external DNS servers in the virtual SMTP
server supposed to handle this problem? Is this an issue with Outlook 2000?

Thanks.

Lee
========
Lee Stone

<meta-links>
"Maximize Your Web Presence"
========

 
 
 

Dual-homed Server and SMTP

Post by MVP » Thu, 20 Mar 2003 03:48:24


SBS 2000 comes with ISA 2000 for your firewall app.

--
John Oliver, Jr.
MCSE, MCT, CCNA, Exchange MVP


> We have a dual-home SBS. The server was originally setup with one of the
> NICs disabled. The server has a private IP address 192.168.0.10 with the
> router providing NAT on NIC #1. I asked our carrier for a static IP for
the
> server so that we could setup a VPN. They pointed a public address at
> 192.168.0.10. Since I did not have the firewall configured (we were wide
> open - I did not expect the carrier to respond so quickly), I disabled the
> NIC with 192.168.0.10 and unplugged it from my LAN switch. I enabled the
> NIC#2 and assigned it to 192.168.0.9. These addresses are excluded from
the
> DHCP range.

> My workstations could connect to the server without any problems, but mail
> destined outside the LAN stuck in the SMTP queue. I reconfigured my SMTP
> server with external DNS servers, and that solved the problem for the
> workstations running XP Pro and Office XP. I still have one user running
W2K
> Pro and Outlook 2000. Her messages continued to stick in the queue. I
> finally solved the problem by changing the order of the transport in
Outlook
> 2000 with "Intenet mail" first. The messages no longer stick in the queue.
> Wasn't the registration of the external DNS servers in the virtual SMTP
> server supposed to handle this problem? Is this an issue with Outlook
2000?

> Thanks.

> Lee
> ========
> Lee Stone

> <meta-links>
> "Maximize Your Web Presence"
> ========


 
 
 

Dual-homed Server and SMTP

Post by Lee Ston » Thu, 20 Mar 2003 04:03:13


Thanks for the reply, but your answer was not for the question that I was
asking. I realize that SBS has ISA in it and that is what I plan to use. My
question involves outbound Internet mail sticking in the SMTP queues.

Thanks.

Lee
=========
Lee Stone

"Maximize Your Web Presence"
=========


> SBS 2000 comes with ISA 2000 for your firewall app.

> --
> John Oliver, Jr.
> MCSE, MCT, CCNA, Exchange MVP



> > We have a dual-home SBS. The server was originally setup with one of the
> > NICs disabled. The server has a private IP address 192.168.0.10 with the
> > router providing NAT on NIC #1. I asked our carrier for a static IP for
> the
> > server so that we could setup a VPN. They pointed a public address at
> > 192.168.0.10. Since I did not have the firewall configured (we were wide
> > open - I did not expect the carrier to respond so quickly), I disabled
the
> > NIC with 192.168.0.10 and unplugged it from my LAN switch. I enabled the
> > NIC#2 and assigned it to 192.168.0.9. These addresses are excluded from
> the
> > DHCP range.

> > My workstations could connect to the server without any problems, but
mail
> > destined outside the LAN stuck in the SMTP queue. I reconfigured my SMTP
> > server with external DNS servers, and that solved the problem for the
> > workstations running XP Pro and Office XP. I still have one user running
> W2K
> > Pro and Outlook 2000. Her messages continued to stick in the queue. I
> > finally solved the problem by changing the order of the transport in
> Outlook
> > 2000 with "Intenet mail" first. The messages no longer stick in the
queue.
> > Wasn't the registration of the external DNS servers in the virtual SMTP
> > server supposed to handle this problem? Is this an issue with Outlook
> 2000?

> > Thanks.

> > Lee
> > ========
> > Lee Stone

> > <meta-links>
> > "Maximize Your Web Presence"
> > ========

 
 
 

Dual-homed Server and SMTP

Post by MVP » Thu, 20 Mar 2003 04:55:31


Understand, my point is you must first secure your network before any
troubleshooting can be done regarding email issues or network issues for
that matter.  ISA 2000 has wizards that can walk you through setting up a
secure mail server.

--
John Oliver, Jr.
MCSE, MCT, CCNA, Exchange MVP


> Thanks for the reply, but your answer was not for the question that I was
> asking. I realize that SBS has ISA in it and that is what I plan to use.
My
> question involves outbound Internet mail sticking in the SMTP queues.

> Thanks.

> Lee
> =========
> Lee Stone

> "Maximize Your Web Presence"
> =========


> > SBS 2000 comes with ISA 2000 for your firewall app.

> > --
> > John Oliver, Jr.
> > MCSE, MCT, CCNA, Exchange MVP



> > > We have a dual-home SBS. The server was originally setup with one of
the
> > > NICs disabled. The server has a private IP address 192.168.0.10 with
the
> > > router providing NAT on NIC #1. I asked our carrier for a static IP
for
> > the
> > > server so that we could setup a VPN. They pointed a public address at
> > > 192.168.0.10. Since I did not have the firewall configured (we were
wide
> > > open - I did not expect the carrier to respond so quickly), I disabled
> the
> > > NIC with 192.168.0.10 and unplugged it from my LAN switch. I enabled
the
> > > NIC#2 and assigned it to 192.168.0.9. These addresses are excluded
from
> > the
> > > DHCP range.

> > > My workstations could connect to the server without any problems, but
> mail
> > > destined outside the LAN stuck in the SMTP queue. I reconfigured my
SMTP
> > > server with external DNS servers, and that solved the problem for the
> > > workstations running XP Pro and Office XP. I still have one user
running
> > W2K
> > > Pro and Outlook 2000. Her messages continued to stick in the queue. I
> > > finally solved the problem by changing the order of the transport in
> > Outlook
> > > 2000 with "Intenet mail" first. The messages no longer stick in the
> queue.
> > > Wasn't the registration of the external DNS servers in the virtual
SMTP
> > > server supposed to handle this problem? Is this an issue with Outlook
> > 2000?

> > > Thanks.

> > > Lee
> > > ========
> > > Lee Stone

> > > <meta-links>
> > > "Maximize Your Web Presence"
> > > ========

 
 
 

Dual-homed Server and SMTP

Post by Lee Ston » Thu, 20 Mar 2003 07:33:50


John,

Thank you again for your quick reply, but I am not  concerned with the
security at this point since I disabled the NIC with the public IP address.
I just need to get my mail working properly. I just found out that we cannot
forward messages that were sent or received before I switched to the second
NIC. Why are the DNS entries for the external DNS servers handling these
messages?

Thanks.

Lee

Lee Stone

"Maximize Your Web Presence"



> Understand, my point is you must first secure your network before any
> troubleshooting can be done regarding email issues or network issues for
> that matter.  ISA 2000 has wizards that can walk you through setting up a
> secure mail server.

> --
> John Oliver, Jr.
> MCSE, MCT, CCNA, Exchange MVP



> > Thanks for the reply, but your answer was not for the question that I
was
> > asking. I realize that SBS has ISA in it and that is what I plan to use.
> My
> > question involves outbound Internet mail sticking in the SMTP queues.

> > Thanks.

> > Lee
> > =========
> > Lee Stone

> > "Maximize Your Web Presence"
> > =========


> > > SBS 2000 comes with ISA 2000 for your firewall app.

> > > --
> > > John Oliver, Jr.
> > > MCSE, MCT, CCNA, Exchange MVP



> > > > We have a dual-home SBS. The server was originally setup with one of
> the
> > > > NICs disabled. The server has a private IP address 192.168.0.10 with
> the
> > > > router providing NAT on NIC #1. I asked our carrier for a static IP
> for
> > > the
> > > > server so that we could setup a VPN. They pointed a public address
at
> > > > 192.168.0.10. Since I did not have the firewall configured (we were
> wide
> > > > open - I did not expect the carrier to respond so quickly), I
disabled
> > the
> > > > NIC with 192.168.0.10 and unplugged it from my LAN switch. I enabled
> the
> > > > NIC#2 and assigned it to 192.168.0.9. These addresses are excluded
> from
> > > the
> > > > DHCP range.

> > > > My workstations could connect to the server without any problems,
but
> > mail
> > > > destined outside the LAN stuck in the SMTP queue. I reconfigured my
> SMTP
> > > > server with external DNS servers, and that solved the problem for
the
> > > > workstations running XP Pro and Office XP. I still have one user
> running
> > > W2K
> > > > Pro and Outlook 2000. Her messages continued to stick in the queue.
I
> > > > finally solved the problem by changing the order of the transport in
> > > Outlook
> > > > 2000 with "Intenet mail" first. The messages no longer stick in the
> > queue.
> > > > Wasn't the registration of the external DNS servers in the virtual
> SMTP
> > > > server supposed to handle this problem? Is this an issue with
Outlook
> > > 2000?

> > > > Thanks.

> > > > Lee
> > > > ========
> > > > Lee Stone

> > > > <meta-links>
> > > > "Maximize Your Web Presence"
> > > > ========

 
 
 

Dual-homed Server and SMTP

Post by MVP » Sat, 22 Mar 2003 00:26:17


Maybe I am not understanding your setup.  If your ISP has provided you with
a Static IP then most likely the router would be the device to have it bound
with this IP.  What type of router are you using?  Since the router is
acting as your Gateway now, it must be providing NAT in which case you would
create a static route to your internal exchange server for all SMTP traffic,
192.168.0.10 for all port 25 traffic.  Although you are not running any type
of Firewall currently, you are pretty secure from hackers by implementing
NAT on the Router and only opening port 25.

As for DNS, there should be no reason you would be handling this or need
this in your VS server.  By default Exchange 2000 is ready to send/receive
mail out of box.  Your ISP should be the Primary DNS or Authority for your
Zone, and they have the appropriate MX record pointing to your Static IP on
your Router.  This is my recommended setup, if you have something entirely
different please elaborate.

FYI:  As for your VPN, just configure your router to pass PPTP traffic to
192.168.1.10 and setup VPN access through RRAS or ISA 2000.

--
John Oliver, Jr.
MCSE, MCT, CCNA, Exchange MVP


> John,

> Thank you again for your quick reply, but I am not  concerned with the
> security at this point since I disabled the NIC with the public IP
address.
> I just need to get my mail working properly. I just found out that we
cannot
> forward messages that were sent or received before I switched to the
second
> NIC. Why are the DNS entries for the external DNS servers handling these
> messages?

> Thanks.

> Lee

> Lee Stone

> "Maximize Your Web Presence"



> > Understand, my point is you must first secure your network before any
> > troubleshooting can be done regarding email issues or network issues for
> > that matter.  ISA 2000 has wizards that can walk you through setting up
a
> > secure mail server.

> > --
> > John Oliver, Jr.
> > MCSE, MCT, CCNA, Exchange MVP



> > > Thanks for the reply, but your answer was not for the question that I
> was
> > > asking. I realize that SBS has ISA in it and that is what I plan to
use.
> > My
> > > question involves outbound Internet mail sticking in the SMTP queues.

> > > Thanks.

> > > Lee
> > > =========
> > > Lee Stone

> > > "Maximize Your Web Presence"
> > > =========


> > > > SBS 2000 comes with ISA 2000 for your firewall app.

> > > > --
> > > > John Oliver, Jr.
> > > > MCSE, MCT, CCNA, Exchange MVP



> > > > > We have a dual-home SBS. The server was originally setup with one
of
> > the
> > > > > NICs disabled. The server has a private IP address 192.168.0.10
with
> > the
> > > > > router providing NAT on NIC #1. I asked our carrier for a static
IP
> > for
> > > > the
> > > > > server so that we could setup a VPN. They pointed a public address
> at
> > > > > 192.168.0.10. Since I did not have the firewall configured (we
were
> > wide
> > > > > open - I did not expect the carrier to respond so quickly), I
> disabled
> > > the
> > > > > NIC with 192.168.0.10 and unplugged it from my LAN switch. I
enabled
> > the
> > > > > NIC#2 and assigned it to 192.168.0.9. These addresses are excluded
> > from
> > > > the
> > > > > DHCP range.

> > > > > My workstations could connect to the server without any problems,
> but
> > > mail
> > > > > destined outside the LAN stuck in the SMTP queue. I reconfigured
my
> > SMTP
> > > > > server with external DNS servers, and that solved the problem for
> the
> > > > > workstations running XP Pro and Office XP. I still have one user
> > running
> > > > W2K
> > > > > Pro and Outlook 2000. Her messages continued to stick in the
queue.
> I
> > > > > finally solved the problem by changing the order of the transport
in
> > > > Outlook
> > > > > 2000 with "Intenet mail" first. The messages no longer stick in
the
> > > queue.
> > > > > Wasn't the registration of the external DNS servers in the virtual
> > SMTP
> > > > > server supposed to handle this problem? Is this an issue with
> Outlook
> > > > 2000?

> > > > > Thanks.

> > > > > Lee
> > > > > ========
> > > > > Lee Stone

> > > > > <meta-links>
> > > > > "Maximize Your Web Presence"
> > > > > ========

 
 
 

Dual-homed Server and SMTP

Post by Lee Ston » Sat, 22 Mar 2003 09:43:01


Thanks, John. The last reply helps a bunch.

The router is indeed acting as a gateway. It is a Vina Technologies box. My
ISP setup a static route with a public IP --> 192.168.0.10. I tried running
the mail server security wizard, but it stops at the first screen because it
wants a public IP address. I only have the static route pointing to
192.168.0.10 for my external NIC. Is there a way that I can create a
translation for the wizard so that it can 'see' the public address?

I bought "Configuring ISA Server 2000", but I have not been able to find the
answer that the above question in the book yet. Everything is starting to
fall into place a little better.

Thanks.

    Lee


Norcross, GA



> Maybe I am not understanding your setup.  If your ISP has provided you
with
> a Static IP then most likely the router would be the device to have it
bound
> with this IP.  What type of router are you using?  Since the router is
> acting as your Gateway now, it must be providing NAT in which case you
would
> create a static route to your internal exchange server for all SMTP
traffic,
> 192.168.0.10 for all port 25 traffic.  Although you are not running any
type
> of Firewall currently, you are pretty secure from hackers by implementing
> NAT on the Router and only opening port 25.

> As for DNS, there should be no reason you would be handling this or need
> this in your VS server.  By default Exchange 2000 is ready to send/receive
> mail out of box.  Your ISP should be the Primary DNS or Authority for your
> Zone, and they have the appropriate MX record pointing to your Static IP
on
> your Router.  This is my recommended setup, if you have something entirely
> different please elaborate.

> FYI:  As for your VPN, just configure your router to pass PPTP traffic to
> 192.168.1.10 and setup VPN access through RRAS or ISA 2000.

> --
> John Oliver, Jr.
> MCSE, MCT, CCNA, Exchange MVP



> > John,

> > Thank you again for your quick reply, but I am not  concerned with the
> > security at this point since I disabled the NIC with the public IP
> address.
> > I just need to get my mail working properly. I just found out that we
> cannot
> > forward messages that were sent or received before I switched to the
> second
> > NIC. Why are the DNS entries for the external DNS servers handling these
> > messages?

> > Thanks.

> > Lee

> > Lee Stone

> > "Maximize Your Web Presence"



> > > Understand, my point is you must first secure your network before any
> > > troubleshooting can be done regarding email issues or network issues
for
> > > that matter.  ISA 2000 has wizards that can walk you through setting
up
> a
> > > secure mail server.

> > > --
> > > John Oliver, Jr.
> > > MCSE, MCT, CCNA, Exchange MVP



> > > > Thanks for the reply, but your answer was not for the question that
I
> > was
> > > > asking. I realize that SBS has ISA in it and that is what I plan to
> use.
> > > My
> > > > question involves outbound Internet mail sticking in the SMTP
queues.

> > > > Thanks.

> > > > Lee
> > > > =========
> > > > Lee Stone

> > > > "Maximize Your Web Presence"
> > > > =========


> > > > > SBS 2000 comes with ISA 2000 for your firewall app.

> > > > > --
> > > > > John Oliver, Jr.
> > > > > MCSE, MCT, CCNA, Exchange MVP



> > > > > > We have a dual-home SBS. The server was originally setup with
one
> of
> > > the
> > > > > > NICs disabled. The server has a private IP address 192.168.0.10
> with
> > > the
> > > > > > router providing NAT on NIC #1. I asked our carrier for a static
> IP
> > > for
> > > > > the
> > > > > > server so that we could setup a VPN. They pointed a public
address
> > at
> > > > > > 192.168.0.10. Since I did not have the firewall configured (we
> were
> > > wide
> > > > > > open - I did not expect the carrier to respond so quickly), I
> > disabled
> > > > the
> > > > > > NIC with 192.168.0.10 and unplugged it from my LAN switch. I
> enabled
> > > the
> > > > > > NIC#2 and assigned it to 192.168.0.9. These addresses are
excluded
> > > from
> > > > > the
> > > > > > DHCP range.

> > > > > > My workstations could connect to the server without any
problems,
> > but
> > > > mail
> > > > > > destined outside the LAN stuck in the SMTP queue. I reconfigured
> my
> > > SMTP
> > > > > > server with external DNS servers, and that solved the problem
for
> > the
> > > > > > workstations running XP Pro and Office XP. I still have one user
> > > running
> > > > > W2K
> > > > > > Pro and Outlook 2000. Her messages continued to stick in the
> queue.
> > I
> > > > > > finally solved the problem by changing the order of the
transport
> in
> > > > > Outlook
> > > > > > 2000 with "Intenet mail" first. The messages no longer stick in
> the
> > > > queue.
> > > > > > Wasn't the registration of the external DNS servers in the
virtual
> > > SMTP
> > > > > > server supposed to handle this problem? Is this an issue with
> > Outlook
> > > > > 2000?

> > > > > > Thanks.

> > > > > > Lee
> > > > > > ========
> > > > > > Lee Stone

> > > > > > <meta-links>
> > > > > > "Maximize Your Web Presence"
> > > > > > ========

 
 
 

Dual-homed Server and SMTP

Post by MVP » Sun, 23 Mar 2003 02:01:30


So are your saying your Public IP is 192.168.0.10?  This cannot be since
this is Private Range address.  You will need a true Public Static IP to
accomplish my recommended setup.

--
John Oliver, Jr.
MCSE, MCT, CCNA, Exchange MVP


> Thanks, John. The last reply helps a bunch.

> The router is indeed acting as a gateway. It is a Vina Technologies box.
My
> ISP setup a static route with a public IP --> 192.168.0.10. I tried
running
> the mail server security wizard, but it stops at the first screen because
it
> wants a public IP address. I only have the static route pointing to
> 192.168.0.10 for my external NIC. Is there a way that I can create a
> translation for the wizard so that it can 'see' the public address?

> I bought "Configuring ISA Server 2000", but I have not been able to find
the
> answer that the above question in the book yet. Everything is starting to
> fall into place a little better.

> Thanks.

>     Lee


> Norcross, GA



> > Maybe I am not understanding your setup.  If your ISP has provided you
> with
> > a Static IP then most likely the router would be the device to have it
> bound
> > with this IP.  What type of router are you using?  Since the router is
> > acting as your Gateway now, it must be providing NAT in which case you
> would
> > create a static route to your internal exchange server for all SMTP
> traffic,
> > 192.168.0.10 for all port 25 traffic.  Although you are not running any
> type
> > of Firewall currently, you are pretty secure from hackers by
implementing
> > NAT on the Router and only opening port 25.

> > As for DNS, there should be no reason you would be handling this or need
> > this in your VS server.  By default Exchange 2000 is ready to
send/receive
> > mail out of box.  Your ISP should be the Primary DNS or Authority for
your
> > Zone, and they have the appropriate MX record pointing to your Static IP
> on
> > your Router.  This is my recommended setup, if you have something
entirely
> > different please elaborate.

> > FYI:  As for your VPN, just configure your router to pass PPTP traffic
to
> > 192.168.1.10 and setup VPN access through RRAS or ISA 2000.

> > --
> > John Oliver, Jr.
> > MCSE, MCT, CCNA, Exchange MVP



> > > John,

> > > Thank you again for your quick reply, but I am not  concerned with the
> > > security at this point since I disabled the NIC with the public IP
> > address.
> > > I just need to get my mail working properly. I just found out that we
> > cannot
> > > forward messages that were sent or received before I switched to the
> > second
> > > NIC. Why are the DNS entries for the external DNS servers handling
these
> > > messages?

> > > Thanks.

> > > Lee

> > > Lee Stone

> > > "Maximize Your Web Presence"



> > > > Understand, my point is you must first secure your network before
any
> > > > troubleshooting can be done regarding email issues or network issues
> for
> > > > that matter.  ISA 2000 has wizards that can walk you through setting
> up
> > a
> > > > secure mail server.

> > > > --
> > > > John Oliver, Jr.
> > > > MCSE, MCT, CCNA, Exchange MVP



> > > > > Thanks for the reply, but your answer was not for the question
that
> I
> > > was
> > > > > asking. I realize that SBS has ISA in it and that is what I plan
to
> > use.
> > > > My
> > > > > question involves outbound Internet mail sticking in the SMTP
> queues.

> > > > > Thanks.

> > > > > Lee
> > > > > =========
> > > > > Lee Stone

> > > > > "Maximize Your Web Presence"
> > > > > =========


> > > > > > SBS 2000 comes with ISA 2000 for your firewall app.

> > > > > > --
> > > > > > John Oliver, Jr.
> > > > > > MCSE, MCT, CCNA, Exchange MVP



> > > > > > > We have a dual-home SBS. The server was originally setup with
> one
> > of
> > > > the
> > > > > > > NICs disabled. The server has a private IP address
192.168.0.10
> > with
> > > > the
> > > > > > > router providing NAT on NIC #1. I asked our carrier for a
static
> > IP
> > > > for
> > > > > > the
> > > > > > > server so that we could setup a VPN. They pointed a public
> address
> > > at
> > > > > > > 192.168.0.10. Since I did not have the firewall configured (we
> > were
> > > > wide
> > > > > > > open - I did not expect the carrier to respond so quickly), I
> > > disabled
> > > > > the
> > > > > > > NIC with 192.168.0.10 and unplugged it from my LAN switch. I
> > enabled
> > > > the
> > > > > > > NIC#2 and assigned it to 192.168.0.9. These addresses are
> excluded
> > > > from
> > > > > > the
> > > > > > > DHCP range.

> > > > > > > My workstations could connect to the server without any
> problems,
> > > but
> > > > > mail
> > > > > > > destined outside the LAN stuck in the SMTP queue. I
reconfigured
> > my
> > > > SMTP
> > > > > > > server with external DNS servers, and that solved the problem
> for
> > > the
> > > > > > > workstations running XP Pro and Office XP. I still have one
user
> > > > running
> > > > > > W2K
> > > > > > > Pro and Outlook 2000. Her messages continued to stick in the
> > queue.
> > > I
> > > > > > > finally solved the problem by changing the order of the
> transport
> > in
> > > > > > Outlook
> > > > > > > 2000 with "Intenet mail" first. The messages no longer stick
in
> > the
> > > > > queue.
> > > > > > > Wasn't the registration of the external DNS servers in the
> virtual
> > > > SMTP
> > > > > > > server supposed to handle this problem? Is this an issue with
> > > Outlook
> > > > > > 2000?

> > > > > > > Thanks.

> > > > > > > Lee
> > > > > > > ========
> > > > > > > Lee Stone

> > > > > > > <meta-links>
> > > > > > > "Maximize Your Web Presence"
> > > > > > > ========

 
 
 

Dual-homed Server and SMTP

Post by Lee Ston » Sun, 23 Mar 2003 05:54:19


John,

That is what I needed to know. I already called my ISP to make the changes
in the router. The first big clue that I had was when I tried to run the
mail server wizard, and it would not accept the private IP address even
though there is a static route with a public address (66.x.x.x) pointing to
the private address (192.168.0.10).

I WILL learn ISA Server! I WILL learn ISA Server!

Thanks, again.

Lee

"John Oliver, Jr. (MVP)" <jcolive...@hotmail.com> wrote in message
news:uB6xFu87CHA.2376@TK2MSFTNGP10.phx.gbl...

> So are your saying your Public IP is 192.168.0.10?  This cannot be since
> this is Private Range address.  You will need a true Public Static IP to
> accomplish my recommended setup.

> --
> John Oliver, Jr.
> MCSE, MCT, CCNA, Exchange MVP

> "Lee Stone" <lst...@ota1.com> wrote in message
> news:ustXfJ07CHA.1512@TK2MSFTNGP12.phx.gbl...
> > Thanks, John. The last reply helps a bunch.

> > The router is indeed acting as a gateway. It is a Vina Technologies box.
> My
> > ISP setup a static route with a public IP --> 192.168.0.10. I tried
> running
> > the mail server security wizard, but it stops at the first screen
because
> it
> > wants a public IP address. I only have the static route pointing to
> > 192.168.0.10 for my external NIC. Is there a way that I can create a
> > translation for the wizard so that it can 'see' the public address?

> > I bought "Configuring ISA Server 2000", but I have not been able to find
> the
> > answer that the above question in the book yet. Everything is starting
to
> > fall into place a little better.

> > Thanks.

> >     Lee

> > lst...@meta-links.com
> > Norcross, GA

> > "John Oliver, Jr. (MVP)" <jcolive...@hotmail.com> wrote in message
> > news:#dkiVUv7CHA.2396@TK2MSFTNGP10.phx.gbl...
> > > Maybe I am not understanding your setup.  If your ISP has provided you
> > with
> > > a Static IP then most likely the router would be the device to have it
> > bound
> > > with this IP.  What type of router are you using?  Since the router is
> > > acting as your Gateway now, it must be providing NAT in which case you
> > would
> > > create a static route to your internal exchange server for all SMTP
> > traffic,
> > > 192.168.0.10 for all port 25 traffic.  Although you are not running
any
> > type
> > > of Firewall currently, you are pretty secure from hackers by
> implementing
> > > NAT on the Router and only opening port 25.

> > > As for DNS, there should be no reason you would be handling this or
need
> > > this in your VS server.  By default Exchange 2000 is ready to
> send/receive
> > > mail out of box.  Your ISP should be the Primary DNS or Authority for
> your
> > > Zone, and they have the appropriate MX record pointing to your Static
IP
> > on
> > > your Router.  This is my recommended setup, if you have something
> entirely
> > > different please elaborate.

> > > FYI:  As for your VPN, just configure your router to pass PPTP traffic
> to
> > > 192.168.1.10 and setup VPN access through RRAS or ISA 2000.

> > > --
> > > John Oliver, Jr.
> > > MCSE, MCT, CCNA, Exchange MVP

> > > "Lee Stone" <lst...@ota1.com> wrote in message
> > > news:eiKjh4Z7CHA.1616@TK2MSFTNGP11.phx.gbl...
> > > > John,

> > > > Thank you again for your quick reply, but I am not  concerned with
the
> > > > security at this point since I disabled the NIC with the public IP
> > > address.
> > > > I just need to get my mail working properly. I just found out that
we
> > > cannot
> > > > forward messages that were sent or received before I switched to the
> > > second
> > > > NIC. Why are the DNS entries for the external DNS servers handling
> these
> > > > messages?

> > > > Thanks.

> > > > Lee

> > > > Lee Stone
> > > > lst...@meta-links.com
> > > > "Maximize Your Web Presence"

> > > > "John Oliver, Jr. (MVP)" <jcolive...@hotmail.com> wrote in message
> > > > news:eDC$VhY7CHA.3208@TK2MSFTNGP11.phx.gbl...
> > > > > Understand, my point is you must first secure your network before
> any
> > > > > troubleshooting can be done regarding email issues or network
issues
> > for
> > > > > that matter.  ISA 2000 has wizards that can walk you through
setting
> > up
> > > a
> > > > > secure mail server.

> > > > > --
> > > > > John Oliver, Jr.
> > > > > MCSE, MCT, CCNA, Exchange MVP

> > > > > "Lee Stone" <lst...@ota1.com> wrote in message
> > > > > news:#D3L1CY7CHA.1740@TK2MSFTNGP12.phx.gbl...
> > > > > > Thanks for the reply, but your answer was not for the question
> that
> > I
> > > > was
> > > > > > asking. I realize that SBS has ISA in it and that is what I plan
> to
> > > use.
> > > > > My
> > > > > > question involves outbound Internet mail sticking in the SMTP
> > queues.

> > > > > > Thanks.

> > > > > > Lee
> > > > > > =========
> > > > > > Lee Stone
> > > > > > lst...@meta-links.com
> > > > > > "Maximize Your Web Presence"
> > > > > > =========
> > > > > > "John Oliver, Jr. (MVP)" <jcolive...@hotmail.com> wrote in
message
> > > > > > news:#3IV87X7CHA.2308@TK2MSFTNGP10.phx.gbl...
> > > > > > > SBS 2000 comes with ISA 2000 for your firewall app.

> > > > > > > --
> > > > > > > John Oliver, Jr.
> > > > > > > MCSE, MCT, CCNA, Exchange MVP

> > > > > > > "Lee Stone" <lst...@ota1.com> wrote in message
> > > > > > > news:#gGtr2X7CHA.1816@TK2MSFTNGP10.phx.gbl...
> > > > > > > > We have a dual-home SBS. The server was originally setup
with
> > one
> > > of
> > > > > the
> > > > > > > > NICs disabled. The server has a private IP address
> 192.168.0.10
> > > with
> > > > > the
> > > > > > > > router providing NAT on NIC #1. I asked our carrier for a
> static
> > > IP
> > > > > for
> > > > > > > the
> > > > > > > > server so that we could setup a VPN. They pointed a public
> > address
> > > > at
> > > > > > > > 192.168.0.10. Since I did not have the firewall configured
(we
> > > were
> > > > > wide
> > > > > > > > open - I did not expect the carrier to respond so quickly),
I
> > > > disabled
> > > > > > the
> > > > > > > > NIC with 192.168.0.10 and unplugged it from my LAN switch. I
> > > enabled
> > > > > the
> > > > > > > > NIC#2 and assigned it to 192.168.0.9. These addresses are
> > excluded
> > > > > from
> > > > > > > the
> > > > > > > > DHCP range.

> > > > > > > > My workstations could connect to the server without any
> > problems,
> > > > but
> > > > > > mail
> > > > > > > > destined outside the LAN stuck in the SMTP queue. I
> reconfigured
> > > my
> > > > > SMTP
> > > > > > > > server with external DNS servers, and that solved the
problem
> > for
> > > > the
> > > > > > > > workstations running XP Pro and Office XP. I still have one
> user
> > > > > running
> > > > > > > W2K
> > > > > > > > Pro and Outlook 2000. Her messages continued to stick in the
> > > queue.
> > > > I
> > > > > > > > finally solved the problem by changing the order of the
> > transport
> > > in
> > > > > > > Outlook
> > > > > > > > 2000 with "Intenet mail" first. The messages no longer stick
> in
> > > the
> > > > > > queue.
> > > > > > > > Wasn't the registration of the external DNS servers in the
> > virtual
> > > > > SMTP
> > > > > > > > server supposed to handle this problem? Is this an issue
with
> > > > Outlook
> > > > > > > 2000?

> > > > > > > > Thanks.

> > > > > > > > Lee
> > > > > > > > ========
> > > > > > > > Lee Stone
> > > > > > > > lst...@meta-links.com
> > > > > > > > <meta-links>
> > > > > > > > "Maximize Your Web Presence"
> > > > > > > > ========

 
 
 

1. SMTP Connector on dual homed server question

Im in the final stages of an Exchange 5.5 to Exchange 2000 migration. The
server I have made the bridgehead server for all inbound/outbound internet
email is dual homed. I want to ensure that all outbound email is going
through only one of the interfaces instead of both of them, but do not see
exactly how to do that. Currently the server is the first exchange 2000
server I built and has the "out of box" SMTP virtual site. All I have done
is to add a SMTP connector and made the first server the bridgehead.

Can anyone tell me how to ensure that internet mail traffic is going thru
only one of the interfaces? (short of removing the 2nd nic that is)

Thanks
Clyde Burns

PS: long story on dual homed. Used to be on Token Ring but majority of users
are on ethernet now and traffic warrents 100m eth. Have to keep the token
ring IP from the old 5.5 IMS because no one can tell me what all on the
network is using that token ring IP as a forwarder. And firewall group
doesnt want to "change their process" on how they are NATing back for our
mail.companyname.com public IP. (fun fun fun)

2. How to bind to Exchange using Netscape LDAP SDK 3.0 ?

3. Exchange 5.5 binding IMS to single IP on dual-homed server

4. Exchange 5.5 Setup on BDC that is not only with PDC

5. OWA and single or dual homed server

6. how to limit access to Global address book

7. Help Needed - Weird Name Resolution Problems on Dual Homed Server

8. File Attachment Limits

9. Dual homed Exchange server

10. OWA - single or dual homed server

11. Help Needed - Weird Name Resolution Problems on Dual Homed Server