SMTP timing out between firewall & server

[Bill M]

I have two W2K servers for my network and a third W2K machine hosting my
Exchange 2000 server. The Exchange machine has it's own firewall & external
IP address.

Mail is not reaching my Exchange 2000 server from outside my network.
My firewall is set to forward everything coming in on port 25 to my exchange
server (192.168.98.12).

My firewall logs show the following:
08/23/2006 22:41:36 TCP from:64.233.166.179 to:192.168.98.12 src port:37440
dest port:25 Half-Open TCP connection timeout.
08/23/2006 22:41:23 TCP from:64.233.166.183 to:192.168.98.12 src port:37257
dest port:25 Half-Open TCP connection timeout.

The "froms" happen to be gmail servers. It looks like they are reaching my
firewall, but timing out waiting for a response from my exchange server.

Where should I be looking to correct this problem?

Bill

 

[Leif Pedersen [MVP]]

Hi,

Can you telnet to your exchange server from the lan on port 25?

Enable SMTP logging on the SMTP virtuel server and look in the log files for
clues.

See if this helps:
http://www.microsoft.com/downloads/...c7-925d-4a29-bd42-71e8563c80a9&displaylang=en

Leif

 

[Bill M]

Hi Leif,
Everything works great within the LAN.
USRobotics suggested that I try moving the exchange server into the DMZ,
disabling the routers firewall and disable/enable the port forwarding. I did
all of this Thursday PM and I still timed out.

Restarted my Exchange server and tried from home that night and IT
WORKED..until I tried again on Saturday AM.

Once again I could not get through from outside the LAN. I could establish a
VPN, which runs through a different address & server, and confirmed that
everything worked fine within the LAN.

I redid all of the steps with the router, but nothing changed.
It appears that restarting my exchange server might have made the
difference, but I don't know what to look for.

Bill

 

[Bill M]

After I established the VPN I was able to set up a remote desktop to my
other servers, but not to the exchange server, it timed out waiting for a
response to the log-in.
The time-out problem occurs on all of the ports so either the router is not
passing anything along or the server is not responding to anything.
Is there something server side that might be causing this?

Bill

 

[Leif Pedersen [MVP]]

Hi,

If you have enabled the firewall on the server or if routing on the server
is configured differently than your other servers.

Leif

 

[Bill]

Thanks Leif,
It's definitely a server issue.
I was out on Monday, came in this morning and restarted the server and now
everything is working fine again. I looked through the event logs and saw
that an automatic update had restarted the machine Friday night, but I
couldn't find anything that would lead to the server rejecting contact from
the outside world.
I'm going to disable automatic updates and keep an eye on it.

Thanks for all of your help.

Bill