locked
Can't access SMTP/IMAP and Outlook

    Question

  • Hi, I know this forum is for Forefront Edge Security. But i am having a serious problem with ISA Server and have tried everything else.

    Non of our users can access any e-mail through Outlook. Not hotmail, gmail or own domains.

    I would be greatful if anyone could read over this post.

    We're configured as an Edge Firewall, we're using the Firewall Client and have even configured all outbound traffic, but get nothing...

    First up.. i have created the following rule:

    Mail Access Protocol - Enabled / Allow

    Selected Protocols - HTTP, HTTPS, SMTP, IMAP4, IMAPS, POP3, GSMTP(custom protocol for Gmail ports)
    From - INTERNAL
    To - EXTERNAL
    Users - ALL USERS
    Schedule - ALWAYS
    All content types

    2nd. When trying to telnet, eg:

    1)TELNET imap.gmail.com 993
    2)TELNET smtp.gmail.com 465
    if you using googleAps and configured your domain with google for Mailing then use 587 port for SMTP (TLS Enabled)
    3)TELNET smtp.gmail.com 587

    we get "Connecting To imap.gmail.com...Could not open connection to the host, on port 993: Connect failed" every time.

    3rd, I created a new roll with just the start>end ip for gmail.

    4th, i've changed the value Disabed in firewall client for outlook from 1 to 0 (zero)

    I've updated ISA to latest service pack and it provides more info on the logs.

    All i get is:

    Unidentified IP Traffic(TCP:1745) Initiated Connection
    Unidentified IP Traffic(TCP:1745) Connection Closed

    Initiated Connection
    Log type: Firewall service
    Status: The operation completed successfully.
    Rule:
    Source: Internal ( 192.168.16.73:63894)
    Destination:
    Local Host ( 192.168.16.4:1745)
    Protocol: Unidentified IP Traffic (TCP:1745)
    User:


    Additional information
    • Number of bytes sent: 0
    • Number of bytes received: 0
    • Processing time: 0ms
    • Original Client IP: 192.168.16.73
    • Client agent:

    then:

    Closed Connection
    Log type: Firewall service
    Status:
    A connection was gracefully closed in an orderly shutdown process with a three-way FIN-initiated handshake.
    Rule: Source: Internal ( 192.168.16.73:63894)
    Destination: Local Host ( 192.168.16.4:1745)
    Protocol:
    Unidentified IP Traffic (TCP:1745)
    User:

    Additional information
    • Number of bytes sent: 16530
    • Number of bytes received: 15514
    • Processing time: 4000ms
    • Original Client IP: 192.168.16.73
    • Client agent:
    Here is info:http://img219.imageshack.us/img219/2257/isafe.jpg
    I'm seriously thinning out on top.

    Does anyone have any idea what i can try now or what might be blocking me?
    Wednesday, March 17, 2010 4:01 PM

Answers

  • ·        Hi,

    ·         

    ·        As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as ‘Answered’.

    ·         

    If the issue still persists and you want to return to this question, please reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish.

     

    Regards,


    Nick Gu - MSFT
    Tuesday, March 30, 2010 1:12 AM

All replies

  • hi forcerdj,
    did you configured the fwc-options and set "outlook" to enable?!
    take a look here:
    http://www.isaserver.org/articles/2004olpop3smtp.html
    -- greets, jens mander... http://www.aixperts.de http://www.forefront-tmg.de http://www.hentrup.net |<-|
    Wednesday, March 17, 2010 4:19 PM
  • Thanks for the reply but i have done that :)
    Wednesday, March 17, 2010 4:25 PM
  • is there a way i can bypass the proxy server and allow authentication? to see if it actually is ISA what's blocking it
    Thursday, March 18, 2010 10:13 AM
  • Hi,

     

    Thank you for the post.

     

    Do you have installed any other 3-party router in front of the ISA? And would you please tell us your network topology and ip configuration on ISA?

     

    Regards,


    Nick Gu - MSFT
    Monday, March 22, 2010 1:35 PM
  • Hi,

    I'd like to confirm whether there is any update about this issue.

    Regards,


    Nick Gu - MSFT
    Thursday, March 25, 2010 3:20 AM
  • ·        Hi,

    ·         

    ·        As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as ‘Answered’.

    ·         

    If the issue still persists and you want to return to this question, please reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish.

     

    Regards,


    Nick Gu - MSFT
    Tuesday, March 30, 2010 1:12 AM
  • Hi,

    any update. did you issue have been solved. I had same issue but solved after making some change in Firewall (Not ISA). check whether your firewall policy allowed gmail custom port to ISA Server. for more information please reply so i will give you details informaiotn.

     

    Thanks,

    Mohammed Ashfaq

    Sr. Systems Engineer.

    Riyadh.

     

    Wednesday, June 02, 2010 8:02 AM