Struggling with an access issue... hope someone may have some ideas:
I've configured a DMZ perimter segment, using a Linksys WAP54G wireless access point, to allow Internet access for untrusted users. For now, I have configured an access rule permitting all traffic from the DMZ segment to the External interface. I did create a network rule for a NAT relationship between the DMZ segment and the External network.
DNS and DHCP both work properly for users of this segment. I added and configured both DNS and DHCP services directly on the ISA server, having them both only listen to the DMZ interface.
I've connected to the segment, through the WAP, using a laptop running Windows XP. As mentioned, DCHP and DNS work perfectly. I can even ping servers like google and mindspring. The issue I'm having is, from the laptop using Internet Explorer, the protocols which do not appear to "work" is HTTP and FTP. HTTPS works fine!!
I've monitored all traffic on the DMZ segment (using llive logging) and I notice all HTTP, FTP and HTTPS requests hit the firewall, but IE will not display anything for HTTP and FTP requests. Any secure site I access via HTTPS works fine.
I thought it may be my laptop and something related to ports, but I can access the Linksys WAP's internal web browser via HTTP just fine.
Any thoughts about where I may check next? As mentioned, I'm struggling a bit with this issue.
OK, the problem turned out to be the Receive Side Scaling attribute for my network card.
For the DMZ leg at issue, I had installed a PCIe Intel Pro1000 dual port adapter. The Receive Side Scaling attribute defaults to Enabled... the same as the internal Broadcom adapter (Dell 1950). This attribute for the Intel Pro card can be found in the Device Manager/Network Adapters area for this specific card. There is an Advanced tab which allows you to modify individual attributes. Once the Receive Side Scaling attributed was disabled, all traffic passed through without issue.