Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Two ISA Servers, a Stub subnet, and publishing
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Two ISA Servers, a Stub subnet, and publishing - 21.Oct.2004 7:30:00 PM
|
|
|
Saltin
Posts: 9
Joined: 1.Apr.2002
Status: offline
|
Hi All.
First off, here is the network as best I can illustrate.
![""]("http://img95.exs.cx/img95/2827/example.gif")
The ISA server at 192.168.4.2 is ISA 2004
The ISA server at 192.168.4.3 is ISA 2000.
Routing is working fine among all subnets, and all hosts can ping each other, everywhere.
I can publish servers through ISA 2004, no problem.
I cannot publish any servers through ISA 2000 at all (though I can reach any internal server from ISA 2000)
I suspect the issue is at the router, but I am confused.
I thought the rule for server publishing stipulated that if the published server did not use ISA as it's default gateway, it should at the very least use a default gateway that knew of and could reach the ISA server internal interface. The server I am trying to publish can reach ISA 2000.
The only thing I can think of is that it has something to do with the router having 192.168.4.2 set as its default route (0.0.0.0 MASK 0.0.0.0 192.168.4.2).
Is it possible that request from external clients are coming in to ISA 2000, being passed on to the internal server with the external clients IP as the response IP. This reponse IP would fall under the default route for the router, and then the router forwards the response packet to ISA 2004 (192.168.4.2) which is the wrong server?
I'm confused. Hope I explained it clearly enough!
Any help would be greatly appreciated!
|
|
|
|
|
RE: Two ISA Servers, a Stub subnet, and publishing - 21.Oct.2004 8:27:00 PM
|
|
|
Saltin
Posts: 9
Joined: 1.Apr.2002
Status: offline
|
Problem solved.
As I expected, the issue was that the server publishing on ISA 2000 was sending the external clients address along to the internal server.
When the internal server attempted to reply, it would attempt to reply to an external address, which of course fell under the default routing rule on my router, and off the reply went into the bit bucket.
By implementing the registry tweak here
http://support.microsoft.com/default.aspx?scid=kb;en-us;311777
I was able to tell ISA 2000 to put it's own name in as client and hence, all responses are now routed directly back to it.
Joy!
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
