Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
issues
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
issues - 24.May2001 3:30:00 AM
|
|
|
ndsrocks
Posts: 16
Joined: 24.May2001
From: santa clara , ca
Status: offline
|
Maybe i just dont know what i am doing... The server has an internal dsl modem, 1 nic. We are able to get the clients on to the internet with the firewall client but not using seucure nat. Have read tom's article on secure nat and several others, i feel confident that dns, protocol rules, etc..are setup properly. I need to publish other servers so really need to get this working (unless there is another way) Interestingly, not even the server has access bit can ping external hosts. I set up a protocol rule to allow "All IP Traffic" outbound. Im sure all the right ports are open. has anyone ran into this? tom, help!
|
|
|
|
RE: issues - 24.May2001 8:29:00 PM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi NDS, When the firewall client works, and the SecureNAT client doesn't work, its most often due to a DNS configuration problem on the SecureNAT client. Make sure the SecureNAT client is configure with an address for a DNS server that can resolve Internet host names. HTH,
Tom ------------------
Tom Shinder
http://www.isaserver.org/shinder/
 Get It Here
|
|
|
|
RE: issues - 24.May2001 10:05:00 PM
|
|
|
ndsrocks
Posts: 16
Joined: 24.May2001
From: santa clara , ca
Status: offline
|
thanks for your reply. i've got all the clients using the dc for dns. the dc is setup to use dns fowarders (our isp's dns servers). So, shouldnt this work if all machines, including the dc, have the internal ip of the isa server as their default gateway? another thing i should have mentioned in my post; i cant get to any websites using an ip instead of a domain name - 216.32.74.50 for example should take me to www.yahoo.com. this doesnt work when using secure nat so doesnt that rule out dns or no? As you can tell i have no experience with isa so i can really use all the help i can get...
thanks again
|
|
|
|
RE: issues - 25.May2001 5:05:00 PM
|
|
|
ndsrocks
Posts: 16
Joined: 24.May2001
From: santa clara , ca
Status: offline
|
nevermind...had to publish the internal dns server and then assign the external ip of the isa server as the clients primary dns server. now it works.... lets just see if i can get exchange working...
|
|
|
|
|
RE: issues - 30.May2001 6:01:00 PM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi NDS, That's an interesting, but unconventional solution! Publishing your internal DNS server, which contains your private namespace is a real big security hole. I'd avoid that if at all possible. If you're internal DNS server is configured to Forward requests to a DNS server on the Internet, then it should work. Actually, it *must* work because we've done this many times so we know it works! Use Network Monitor to check how the DNS queries are handled. That can give you a lot of insight into what your problems might be. Tom ------------------
Tom Shinder
http://www.isaserver.org/shinder/
Get It Here
|
|
|
|
RE: issues - 6.Jun.2001 11:07:00 PM
|
|
|
madmax
Posts: 15
Joined: 6.Jun.2001
From: belper, derbyshire, england
Status: offline
|
sounds like the dns server cant / isn't forwarding reverse lookups???
|
|
|
|
|
RE: issues - 9.Jun.2001 3:33:00 AM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Max, I don't think its an issue with reverse lookups. NDS gives an example trying to connect using an IP address rather than a FQDN. But that IP address does not need to be translated to a FQDN; all the browser needs is the IP address to send the request to the appropriate destination. HTH,
Tom ------------------
Tom Shinder
http://www.isaserver.org/shinder/
Get It Here
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
