• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Changed to multi-homed configuration to include DMZ networks

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Firewall] >> DMZ >> Changed to multi-homed configuration to include DMZ networks Page: [1]
Login
Message << Older Topic   Newer Topic >>
Changed to multi-homed configuration to include DMZ net... - 24.Feb.2006 5:38:33 PM   
PCC

 

Posts: 199
Joined: 13.Nov.2001
From: Michigan
Status: offline
I recently change my edge firewall setup to a multi-homed setup to include a Anonymous DMZ network, NIC IP address is 172.16.0.1, and a Anonymous WAP network, NIC IP address is 10.0.0.1.  Ever sense this change I have been getting two errors when the firewall service starts up.


ISA Server detected routes through adapter External that do not correlate with the network element to which this adapter belongs. For best practice, the address range of an ISA Server network should match the address ranges routable through the associated network adapter as defined in the routing table. Otherwise valid packets may be dropped as spoofed. (This alert may occur momentarily when you create a remote site network. You may safely ignore this message if it does not reoccur.) The address ranges in conflict are: 172.16.1.0-172.16.255.255;.


And this one

ISA Server detected routes through adapter Anonymous DMZ that do not correlate with the network element to which this adapter belongs. For best practice, the address range of an ISA Server network should match the address ranges routable through the associated network adapter as defined in the routing table. Otherwise valid packets may be dropped as spoofed. (This alert may occur momentarily when you create a remote site network. You may safely ignore this message if it does not reoccur.) The address ranges in conflict are: 172.16.1.0-172.16.255.254;.

I have a NAT network rule for "Internal to Anonymous DMZ". I also have one ftp server and one HTTP server published in the Anonymous DMZ  on the same physical server with IP address 172.16.0.2.  Do I need to add a network rule for "External to Anonymous DMZ" via NAT as well?

Thanks.


Post #: 1

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Firewall] >> DMZ >> Changed to multi-homed configuration to include DMZ networks Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts