Printable View
As Tiger said...ISA looks dead..
I see this with sbs sometimes as initial install with ISA server can be a pain and often
just gets turned off and never re-visited.
Are appropriate ISA services(s) running?
If you can't work a firewall device soon, do you have a spare machine and 2 nics?
Even a quick smoothwall (www.smoothwall.org) will put you in a better position while you
work out the ISA stuff.
All the appropriate ISA services are running. I think that it is just very poorly configured. (Or r00ted) However, the guy I inheirited the server from was a $150 an hour I know everything under the sun kind of guy. I am going to work with them tonight over the phone to get a hardware firewall in so that it is ready for when I go into the office there on Thursday.
At least now you can get a good backup and load it all from a secure standing. Show them Tiger's scan, that is all the "motivation" you will need for some good work on your part.
CXGJarrod,
I run SBS2000 as well, and while I like ISA, I still have a Sonicwall SOHO3 in front of it. I dont remember if you said this was your site or a friends, but if you want to get the company better informed about SBS/ISA/Exchange etc , Harry Brelsford's "Small Business Server 2000 Best practices" is a pretty good read for the non technical and site admin.
It is just a suggest, but it helped me get a lot more requests thru the budget (Like the SoHo3 and BackupExec 9) and it will more then help the site admin understand ISA configuration.
Cheers!
CXGJarrod
Does the server have 2 NICs?? 1 NIC to the internet and 1 to the lan....I have seen lots of setups where they set up the SBS with just one nic...
It needs 2 NICs for ISA to be fully functional.....all those services shouldnt be visable on the external NIC!!!
Anyway...looks like you are making progress.... :D
Good luck.
MLF
Keep in mind, that if your two+ NICs are teamed, then it is like you only have a single NIC. I have seen more then one SBS server with 2 or more NICs all teamed, and ISA might as well not be on the system.
Cheers!
Not sure if the nics are "teamed" but there are 2 nics in the system, each with its own IP address. (1 external, 1 internal) I didnt think that you could install ISA without 2 nics. (Thought the setup checked that) I could be wrong as its been a while since I setup our setup at work.
They have the price for a WatchGuard firewall, so that is a start. I will be out there today to look into the ISA server config and to install a temp hardware firewall as well as do some scans (virus and other) on the machine.
Yes, actually you can install ISA (if not properly) without two NICs, but if you only have one, then it is going to look to a modem. ISA will install with teamed NICs, even thou it can not possible operate properly that way. If the NICs were teamed, they would have only internal (or external addresses is possible i guess) but they would most likely be set to work within a "score". But if one if internal and one is external, then they arent teamed.
Someone earlier mentioned GFI Mail Security, and I use that here on my Exchange box, and it works really well. After the installation, I checked CPU usages and it was only up by about 3% avg. Much lower then McAfee or Norton. So far it hasnt missed a beat. Before it was installed, we would have NetSky alerts on the desktop two or three times a day, now GFI handles it all before it gets anywhere near the workstations and (GASP) Outlook. And it is priced very reasonably too.
So if your friends network hasnt got a good Exchanged based AV, take a look.
Hope all goes well for ya today!
They did install GFI mailsecurity for a while on this box, but I think that it died because of all the spam going through the box. (Email messages were taking over 1 hour to be received) I will probably try and install it again once we fix these problems. They said it seemed to cut out a lot of their spam.Quote:
Originally posted here by MrCoffee
Yes, actually you can install ISA (if not properly) without two NICs, but if you only have one, then it is going to look to a modem. ISA will install with teamed NICs, even thou it can not possible operate properly that way.
Someone earlier mentioned GFI Mail Security, and I use that here on my Exchange box, and it works really well. After the installation, I checked CPU usages and it was only up by about 3% avg. Much lower then McAfee or Norton. So far it hasnt missed a beat. Before it was installed, we would have NetSky alerts on the desktop two or three times a day, now GFI handles it all before it gets anywhere near the workstations and (GASP) Outlook. And it is priced very reasonably too.
So if your friends network hasnt got a good Exchanged based AV, take a look.
Hope all goes well for ya today!
email messages taking a long time to recieve is more likely related to the large list of badmail and extensive mail queing. It also indicates a lack of sufficient storage space somewhere in the setup. The messages are processed when the space is available. GFI even under large spam filtering isn't that much overhead unless the box is fairly old or there are wayyyy too many accounts services by the machine.
Box isnt that old: Dell Poweredge 1.7 GHz machine with 1.5GB of ram and it only has about 10 users on the system. So it should not have choked. However the badmail problem could of been affecting it. It has had over 30GB of space on the partition where exchange is located for a while now. The main windows partition has 2GB free (which I plan to clean off this drive oneday)Quote:
Originally posted here by RoadClosed
email messages taking a long time to recieve is more likely related to the large list of badmail and extensive mail queing. It also indicates a lack of sufficient storage space somewhere in the setup. The messages are processed when the space is available. GFI even under large spam filtering isn't that much overhead unless the box is fairly old or there are wayyyy too many accounts services by the machine.
Keep in mind that I have GFI Mail Security running for AV/malware protection, NOT GFI Mail Essentials, which is the anti-spam product (Thou I plan to order and install that soon).
My Server is a Dell 1.0Gig Dual PIII (2500), not a heavy hitter at all and we see no slow down server 45 users. I run 4 teamed nics for internal traffic, and 1 external for ISA.
While your bad mail folder was bad, mine was worse, as I said in my PM. If you are/were having that kind of a delay, something more the GFI is going on.
Cheers!
You were right. I had it confused. They had GFI MailEssentials on the server.Quote:
Originally posted here by MrCoffee
Keep in mind that I have GFI Mail Security running for AV/malware protection, NOT GFI Mail Essentials, which is the anti-spam product (Thou I plan to order and install that soon).