An Office Outlook Client that Connects through ISA 2004 may be unable to reconnect for 24 hours (Secure Exchange RPC Publishing Scenario)


Consider the following scenario:

  • You are using a Microsoft Office Outlook client that connects to a Microsoft Exchange server through Microsoft Internet Security and Acceleration (ISA) Server 2004.
  • You are using Exchange remote procedure call (RPC) publishing to publish the Exchange server.

In this scenario, if the Outlook client connection to the Exchange server is lost because of network problems, the Outlook client may be unable to reconnect for 24 hours.
Note The Outlook client may be able to connect to the Exchange server if you restart the ISA Server Firewall service.


This issue occurs if the Outlook client has used up the default maximum limit of 32 MAPI connections to the Exchange server and if the Exchange server does not clean up idle sockets.

In an Exchange RPC publishing scenario, the Exchange server does not clean up idle sockets because the sockets connect to ISA Server instead of to Outlook. ISA Server acts in compliance with Request for Connections (RFC) 1631, “The IP Network Address Translator (NAT).” This RFC requires NAT connections to be maintained for 24 hours and does not clean up idle sockets for 24 hours.

Note RFC 1631 has been replaced by RFC 3022, “Traditional IP Network Address Translator (Traditional NAT).”

For the solution, check out:;…




Thomas W Shinder, M.D.


Email: [email protected]

MVP — ISA Firewalls

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top