Exchange 2000 published behind an ISA Server shows wrong ip address 1

[ftoddt]

I have a Exchange Server that is published behind an ISA server. Exchange has it own seperate public IP added to the ISA servers WAN nic card. ISA is configured to listen on that IP. My problem is that all mail leaving the ISA appears to be coming from the ISA server's public ip rather than the Exchange Servers Public IP for people that receive our mail.
I would not normally care but we recently got blacklisted for a relay problem that has since been corrected. In order to be removed from that blacklist, I must be able to receive mail as postmaster@[isa ip #]. I cannot figure out how to make mail addressed to the isa ip go to the exchange ip. I can make a postmaster@[exchange ip#] but not one for postmaster@[isa ip #]. Any suggestions

 

[PhillyCheeseSteak]

Bump the Exchange server address up to be the primary IP address in the network card properties.

Is there a reason you have a seperate IP for exchange?

 

[ftoddt]

PhillyCheeseSteak,
You know, why didn't I think of that. Thanks. As far as the seperate IP I may be wrong to do it that way but here is why. Orginally on our Lan, everything went thru the ISA server that had it own public IP except for the email server. Email server was dual nic with it own private IP on the WAN and connected to the LAN with its internal IP. Terribly wrong way to go about it and after being serverly punished by becoming a relay for the world, I put it behind the ISA server. but since all the MX and DNS records from our Internet Provider were in place for the orginal private IP, I added it to the ISA server. We will also be configuring a web server behind the ISA and would assume I need a different public IP for that added to the ISA server WAN Nic unless what you are telling me is that the the Exchange, Web Site, and Isa itself can all have the same public routable IPs??
Thanks Again,
Todd

 

[PhillyCheeseSteak]

Yep, they can all be hosted within your network with one IP address. In fact, it's easier that way. There's no reason to have multiple addresses unless you have two different services (with the exception of web sites) coming in on the same port and they need to go to different computers inside your network.

If your website and email records both point to one address, you can then most likely remove the other without any problems (as long as all your rules use the first address, not the second).

Good luck,

Phil

 

[ftoddt]

Phil,
I tried moving that ip up to the top but all internet access stopped. I immediately put it back like it was and internet came back. Perhaps I needed to reboot or something but it spooked me. What do you mean by different services. We may have more than one Website server and presently have an email server that also has Outlook
Web Access. Reading ISA server, they seem to suggest having mutiple IP's as listeners. Not sure what to do now.
Todd

 

[PhillyCheeseSteak]

You probably need to restart the ISA services (Web and Firewall) , and restart your DNS services.

Phil.

 

[ftoddt]

Phil,
Thanks, it worked just fine. In fact the places that were blacklisting us are no longer having an effect. I assume that is because the IP that they had associated with our email is now changed and therefore not blocked. Saved me a ton of time configuring the abuse@[ip#] mailbox that the blacklister needs to contact in order to be removed. What a pain but yeaaaaaaaaaa I don't have to.
Thanks again,
Todd