• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Vpn warnings

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Vpn warnings Page: [1]
Login
Message << Older Topic   Newer Topic >>
Vpn warnings - 19.Aug.2009 5:23:26 AM   
Vag

 

Posts: 14
Joined: 19.Aug.2009
Status: offline
Hello.
I have enabled VPN clients on my isa server and i also configure vpn site to site with our other office.
Everything is working as expected except some warning messages after a vpn client connection for configuration error and ip spoofing regarding the vpn client ip.
Is it something i can safelly ignore?
Why ISA considers this is false?
Below you can find the warning descriptions.


Description: ISA Server detected a spoof attack from Internet Protocol (IP) address 192.168.1.124. A spoof attack occurs when an IP address that is not reachable via the interface on which the packet was received. If logging for dropped packets is set, you can view details in the firewall log.

Description: ISA Server detected routes through the network adapter INTERNAL that do not correlate with the network to which this network adapter belongs. When networks are configured correctly, the IP address ranges included in each array-level network must include all IP addresses that are routable through its network adapters according to their routing tables. Otherwise valid packets may be dropped as spoofed. The following ranges are included in the network's IP address ranges but are not routable through any of the network's adapters: 192.168.1.124-192.168.1.124;. Note that this event may be generated once after you add a route, create a remote site network, or configure Network Load Balancing and may be safely ignored if it does not re-occur.
The routing table for network adapter EntersoftBG includes IP address ranges that are not defined in the array network EntersoftBG to which it is bound. As a result, when packets go in/out via this network adapter and they are from/sent to the IP address ranges listed below they will be considered spoofed and will be dropped. To resolve this issue, add the missing IP address ranges to the array network.
The following IP address ranges will be dropped as spoofed:
Internal:192.168.1.124-192.168.1.124;

Description: ISA Server detected routes through the network adapter EXTERNAL that do not correlate with the network to which this network adapter belongs. When networks are configured correctly, the IP address ranges included in each array-level network must include all IP addresses that are routable through its network adapters according to their routing tables. Otherwise valid packets may be dropped as spoofed. The following ranges are included in the network's IP address ranges but are not routable through any of the network's adapters: 10.255.255.255-10.255.255.255;. Note that this event may be generated once after you add a route, create a remote site network, or configure Network Load Balancing and may be safely ignored if it does not re-occur.
Post #: 1
RE: Vpn warnings - 31.Aug.2009 10:49:48 AM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
Ignore it.
There is a brief period of time between when the IP granted to the VPN User is dynamically switched from the Internal Network to the VPN Users Network.  During that period this error can be logged.

_____________________________

Phillip Windell

(in reply to Vag)
Post #: 2
RE: Vpn warnings - 31.Aug.2009 11:04:48 AM   
Vag

 

Posts: 14
Joined: 19.Aug.2009
Status: offline
thnx pwindell

(in reply to pwindell)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Vpn warnings Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts