Welcome to ISAserver.org

Unidentified IP traffic

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure >> Unidentified IP traffic

Page: [1]

Message

<< Older Topic Newer Topic >>

Unidentified IP traffic - 20.Jul.2005 6:24:00 AM

slatts1

Posts: 1
Joined: 20.Jul.2005
From: Australia
Status: offline

Hi

I am desperate need of some assistance.

I have an ISA firewall at "Head Office" and all workstations and servers are using this as their default gateway. I have a wan router on the same subnet as the ISA box and my servers with a number of sites hanging off it. I have defined all of my wan subnets in the "internal" network object on the ISA server. I have access rules in place allowing all Internal --> Internal Traffic

All WAN subnets and hosts on the local network behind the ISA server can access the internet and resources through the ISA Server however. I have issues with any of the WAN sites accessing Servers at the Head office site. All servers are pingable from WAN locations however when attempting to connect to anything using TCP , such as an RDP session , File Share , Web page etc the connection fails and a "denied" event Listing the connection as "Unidentified IP traffic " for the return traffic from the server the users at the WAN location is attempting to access.

The traffic is definatly not blocked by any of my access rules , i've tried adding allow any any etc to no avail.

I feel this issue may be due to the ISA server only ever having to deal with the return trafic for connections from WAN users as the WAN router would route the initial connection directly to the user.

I have followed an MS article that I found statiting how to perform a reg hack to disable the Anti Spoofing features within ISA 2004 however this has not helped.

I'm getting rather desperate to solve this , Any help would be greatfully appreciated.

Thanks

Leon

The Denied Event does not display that the traffic is being blocked by a rule.