Welcome to ISAserver.org

Change of gateway = no external connections

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2004 General ] >> ISA 2004 SBS >> Change of gateway = no external connections

Page: [1]

Message

<< Older Topic Newer Topic >>

Change of gateway = no external connections - 17.Jan.2008 7:52:34 AM

fredfox

Posts: 5
Joined: 17.Jan.2008
Status: offline

Hi all - hopefully someone can help me out here.

I've been experimenting with SBS2003 and ISA2004.

I have an ADSL line with a fixed IP. The default gateway is not fixed (obviously) and will change if the PPP connections is dropped and then re-connected. This ADSL line is connected via a Speedtouch 585v6 to one NIC and the "external" address (the one provide by the ISP) is assigned to NIC 1 on the SBS server by the 585 (firewall is OFF). NIC 2 is connected to the internal network.

After the intial install, all was fine, exchange working, PUSH and OWA too. Then the PPP connection dropped and all externally initiated connections failed, PUSH, OWA etc. Going to the outside still worked though so browsing and downloading where fine.

Nothing was logged in the monitor when I tried to connect from the outside, no �denied� records at all. With a fit of inspiration (hahahaha) I manually dropped the PPP connection and then reconnected. After each drop, I checked the gateway address, and tried OWA via another ADSL connection and to sync my phone with OMA. On about the fourth try it worked. After a bit more dropping and connecting, I discovered that external connections would only be excepted when I was using one particular gateway :(

Any idea is going on ? I�m guessing that it�s dropping the packets as it assumes they�re being �spoofed� ? That�s the only other time I�ve seen where nothing is shown in the monitor logs, but I don�t know how to get around this, as the gateway could change at any time. Have I configure something qrong somewhere ?

Post #: 1

Featured Links*

RE: Change of gateway = no external connections - 17.Jan.2008 10:49:22 AM

Rotorblade

Posts: 963
Joined: 27.Feb.2007
Status: offline

Hi,

Using Dynamic IP's is not going to work if you're publishing. You need to be configured with static IP's.

HTH

RB

(in reply to fredfox)

Post #: 2

RE: Change of gateway = no external connections - 17.Jan.2008 11:44:42 AM

fredfox

Posts: 5
Joined: 17.Jan.2008
Status: offline

quote:

ORIGINAL: Rotorblade

Hi,

Using Dynamic IP's is not going to work if you're publishing. You need to be configured with static IP's.

HTH

RB

Hi

The IP is static not dynamic, the gateway isn't. I had this exact configuration working perfectly with Server 2003 / ISA 2006 for several months.

(in reply to Rotorblade)

Post #: 3

RE: Change of gateway = no external connections - 17.Jan.2008 4:07:30 PM

Rotorblade

Posts: 963
Joined: 27.Feb.2007
Status: offline

Ok, using a Static IP and a Dynamic GW IP is "Still" not going to work. If the GW changes, how is ISA going to know this?

RB

(in reply to fredfox)

Post #: 4

RE: Change of gateway = no external connections - 17.Jan.2008 5:17:03 PM

fredfox

Posts: 5
Joined: 17.Jan.2008
Status: offline

No idea, hence asking the question, it's all about learning !

Is this a problem (feature) of ISA 2004 ? Confused you see, as the previous config (Server 2003 and ISA 2006) worked really well for such a long time, and my connection was getting a new GW quite often.

If this is how ISA 2004 works, I don't quite get how it works in the real world for businesses that use commercial ADSL, as here in the UK, an ISP has a number of "centrals" and you could end up on any of them, hence getting a different gateway. I don't believe that you can be allocated a static GW. I may be wrong though !

(in reply to Rotorblade)

Post #: 5

RE: Change of gateway = no external connections - 17.Jan.2008 6:28:59 PM

Rotorblade

Posts: 963
Joined: 27.Feb.2007
Status: offline

True! on the learning part

I can say that your situation is defiantly unique and is the first that I have run across. In the US, when you get a static IP you also have a static GW that matches!. It would be a problem for any OS or application appliance if the GW would suddenly change and the assigned IP would remain the same. What�s going to happen if they are no longer in the same subnet? It will be broke as you already know. I�m having a hard time believing this would be the case. What is your ISP saying?

Cheers,

RB

(in reply to fredfox)

Post #: 6

RE: Change of gateway = no external connections - 18.Jan.2008 5:01:21 PM

fredfox

Posts: 5
Joined: 17.Jan.2008
Status: offline

Taken a while to reply - that "work" thing keeps getting in the way !

Been in touch with my ISP, and as I expected, no static GW with a static IP.

My static external IP is 87.127.x.x and my GW is 84.45.x.x ! Which is the GW I was using when I initially set up SBS and ISA when it all worked

I'd love to get this sorted before I move onto my next project - I hate being defeated and there must be a solution, as I keep going back to (sorry !) it worked under ISA2006

Thanks for all your help and advice.

(in reply to Rotorblade)

Post #: 7

RE: Change of gateway = no external connections - 19.Jan.2008 6:50:45 PM

Rotorblade

Posts: 963
Joined: 27.Feb.2007
Status: offline

Well, I really don�t know what to tell you and I hope you find a solution. Have you checked with other ISP�s? With that IP arrangement there�s no way in heck that it�s going to work.

RB

_____________________________

David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003

(in reply to fredfox)

Post #: 8

RE: Change of gateway = no external connections - 31.Jan.2008 5:07:25 PM

fredfox

Posts: 5
Joined: 17.Jan.2008
Status: offline

Finally got a solution to this :)

I've got a block of 8 static IP's, meaning that I can set the gateway to the router. Therefore if (and when) the gatewat the router uses changes it doesn't effect ISA.

When I've finished with this project, I'll have another play with ISA 2006 and see if I get the same issue.

But meanwhile, I can now start playing properly with SBS.

Thanks for your help.

(in reply to Rotorblade)

Post #: 9