Blisster

Hi all. I'm new here.

Got a question, I am currently admining a small domain, running a win2k3 DC/Infrastructure box, a file server and an Exchange 2003 server.
I'm trying to set up a Win2k3 server that straddles our firewall with an external interface with a public IP (mail.company.com and the MX resolve to this external address) and an internal interface on our LAN. I want to use this as an SMTP forwarder that passes all incoming messages to the exchange server.
Ultimately I will be isntalling ISA 2004 on this box as well and using it as an RPC over HTTP proxy for the exchange box, as well as to publish OWA externally.

So this first step here is just getting the smtp service properly configured to route messages incomming on the external interface to the exchange server on the internal interface.

any suggestions, critisizm or alternate ideas would rock!

J

fitz

umm.. why not just install ISA server in a DMZ configuration and use ISA to handle your SMTP traffic?

---

Blisster

That's the plan, but I figured I needed to have the SMTP service set up on the box already.
I'm not so familliar with ISA 2004 yet, so pardon my ignorance.

would you still have a "straddling" set-up or would you jsut route from the DMZ into the LAN.

I'm using a Pix515E to handle the LAN perimeter and can set up a DMZ on the third interface if need-be.

Also, do you think that will cause issues with the RPC proxy on the ISA box?

fitz

Here is a nice article on setting up the SMTP filter on an ISA server.

Also, www.isaserver.org has a LOT of good articles and can teach you pretty much anything you wanted to know.

Personally, I would put the ISA box strictly in the DMZ only and configure your PIX to forward the traffic on port 25 on the external interface to the DMZ and traffic from yoru DMZ to the LAN over port 25.

edit: isaserver.org is run by Thomas Shinder who is considered by many to be one of the 'gods' of ISA Server. Go pick up his books too - good reading and info in his books.

---