Welcome to ISAserver.org

TOM..ISA2004 Array event id 21265 help...

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2004 General ] >> General >> TOM..ISA2004 Array event id 21265 help...

Page: [1]

Message

<< Older Topic Newer Topic >>

TOM..ISA2004 Array event id 21265 help... - 2.Nov.2005 5:35:00 AM

ITOpMan

Posts: 12
Joined: 23.Aug.2004
From: Huntingdon
Status: offline

Hi..we are having problems with the reported address range, which hasnt changed since it was set up several months ago, but can not find out how to resolve it searching has proofed to be unhelpfull on this one, has any one had this before or know how to correct it.

On the properties of the configuration/network/internal properties/addresses tab the addresses seem to be ok but the domain tab will not display the domains the error on this tab is:

The string is not a valid Local Domain Table (LDT) domain name.

The error occurred on object 'Internal' of class 'Network' in the scope of array 'AWSHUISA01'.

The event error is below:-
EventID:21265 source:firewall

The routing table for network adapter Internal includes IP address ranges that are not defined in the array network VPN Clients to which it is bound. As a result, when packets go in/out via this network adapter and they are from/sent to the IP address ranges listed below they will be considered spoofed and will be dropped. To resolve this issue, add the missing IP address ranges to the array network. The following IP address ranges will be dropped as spoofed: Internal:10.0.0.224-10.0.0.225;

thanks for your help

TOM I have also sent you an email with screen shots.

Post #: 1

Featured Links*

RE: TOM..ISA2004 Array event id 21265 help... - 2.Nov.2005 8:58:00 AM

tshinder

Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Brian,

How are you assigning addresses to VPN clients?

Thanks!
Tom

(in reply to ITOpMan)

Post #: 2

RE: TOM..ISA2004 Array event id 21265 help... - 2.Nov.2005 9:50:00 AM

ITOpMan

Posts: 12
Joined: 23.Aug.2004
From: Huntingdon
Status: offline

Hi..Tom, The routing information for the internal card on ISA01 goes from 10.0.0.0 - 10.0.0.236 which includes the 10 IP's 226-236 that it has reserved for assigning to VPN clients.

(in reply to ITOpMan)

Post #: 3

RE: TOM..ISA2004 Array event id 21265 help... - 3.Nov.2005 8:09:00 AM

ITOpMan

Posts: 12
Joined: 23.Aug.2004
From: Huntingdon
Status: offline

Tom.. The ISA array is set up so ISA servers have a "Static Pool" of internal addresses that are excluded from the internal range of addresses and assigned to vpn. This pool exists on both ISA servers (but with different non interlapping ranges) When a client connects (after authentication) they are issued one of these address which then enables them to communicate on the network.

Another problem which seems to be related is Pinging the ip addresses of the ISA servers 10.0.0.11/12/13 address is a problem - as the ISA server array has some sort of an issue & is not returning traffic to the internal routers (whilst the rest of the network is).

Have you come accross these sort of issues before Tom?

(in reply to ITOpMan)

Post #: 4

RE: TOM..ISA2004 Array event id 21265 help... - 3.Nov.2005 11:01:00 AM

ITOpMan

Posts: 12
Joined: 23.Aug.2004
From: Huntingdon
Status: offline

I am quite sure that the issues we are having are to do with the 'domain tab' data been corrupt (see above for detials) does any one know if their is a way to delete the domain entries that are located in the configuration\network\internal\domain tab from the registry etc. so we can then possibly re enter them to try and fix the problem.

we cant be the only ones experiencing this proplem surely...

(in reply to ITOpMan)

Post #: 5