• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

routes thru adapter

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> General >> routes thru adapter Page: [1]
Login
Message << Older Topic   Newer Topic >>
routes thru adapter - 23.Mar.2006 9:41:18 PM   
PRieisa

 

Posts: 2
Joined: 23.Mar.2006
Status: offline
I've read two articles on this site regarding the error I'm seeing in event viewer, but I simply can't see what I'm doing wrong.
The error:
 
"ISA Server detected routes through adapter Internal that do not correlate with the network element to which this adapter belongs. For best practice, the address range of an ISA Server network should match the address ranges routable through the associated network adapter as defined in the routing table. Otherwise valid packets may be dropped as spoofed. (This alert may occur momentarily when you create a remote site network. You may safely ignore this message if it does not reoccur.)  The address ranges in conflict are: 172.16.0.0-172.16.0.0;172.16.0.37-172.16.0.63;."
 
My setup:
outside 67.97.x.y (MASK 255.255.255.224)<--> ISA 2004 <--> inside 192.168.155.36 (MASK 255.255.255.0) <--> router <--> 192.168.150.x etc
              
                    
 
IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10002 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
0x10003 ...00 90 d6 44 03 e6 ...... IBM PCI Token-Ring Adapter
0x10004 ...00 06 5b fe 81 63 ...... Broadcom NetXtreme Gigabit Ethernet
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
      0.0.0.0          0.0.0.0       67.97.x.33     67.97.x.35     20
67.34.x.98  255.255.255.255         67.97.x.33     67.97.x.35     20
67.97.x.32  255.255.255.224         67.97.x.35     67.97.x.35     20
67.97.x.35  255.255.255.255        127.0.0.1        127.0.0.1     20
67.97.x.42  255.255.255.255        127.0.0.1        127.0.0.1     20
67.255.255.255  255.255.255.255     67.97.x.35     67.97.x.35     20
   127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
  172.16.0.1  255.255.255.255        127.0.0.1        127.0.0.1     50
  172.16.0.5  255.255.255.255       172.16.0.1       172.16.0.1      1
192.168.17.0    255.255.255.0   192.168.155.65   192.168.155.36      1
  ...

192.168.149.0    255.255.255.0   192.168.155.65   192.168.155.36      1
192.168.150.0    255.255.255.0   192.168.155.65   192.168.155.36      1
192.168.155.0    255.255.255.0   192.168.155.36   192.168.155.36      1
192.168.155.36  255.255.255.255        127.0.0.1        127.0.0.1      1
192.168.155.44  255.255.255.255        127.0.0.1        127.0.0.1      1
192.168.155.255  255.255.255.255   192.168.155.36   192.168.155.36      1
    224.0.0.0        240.0.0.0     67.97.x.35     67.97.x.35     20
    224.0.0.0        240.0.0.0   192.168.155.36   192.168.155.36      1
255.255.255.255  255.255.255.255     67.97.x.35     67.97.x.35      1
255.255.255.255  255.255.255.255   192.168.155.36   192.168.155.36      1
Default Gateway:      67.97.x.33
===========================================================================
Persistent Routes:
Network Address          Netmask  Gateway Address  Metric
192.168.17.0    255.255.255.0   192.168.155.65       1
...

  192.168.150.0    255.255.255.0   192.168.155.65       1
{ Yeah, losta routes. :) I've also had some 'help', so if you see something odd, I might not have added it. }
 
I've deleted all addresses from the Internal networks object and added only the inside TR adapter.
 
RRAS range:
172.16.0.1 - 17.16.0.36
(i note that ras automatically inserts a mask here of 255.255.255.192)
 
(VPN is set to static address pool with same range.)
 
Everything seems to work: VPN, published web servers etc., with the exception that sometimes folks can't authenticate. I am inclined to investigate intermittent issues with a DC to solve THAT issue, but others are telling me I'm wasting my time until this issue is resolved.
 
I can't help but think there's something obvious I misread, or, to paraphrase Ambrose Bierce, "I've got the details right, my problems are merely basic and fundamental."
 
Any input appreciated....
 
 
 



 
 
 

< Message edited by PRieisa -- 24.Mar.2006 11:33:15 PM >
Post #: 1
RE: routes thru adapter - 25.Mar.2006 6:06:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi P,

Why are you using off subnet addresses for VPN clients?

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to PRieisa)
Post #: 2
RE: routes thru adapter - 28.Mar.2006 7:49:47 PM   
PRieisa

 

Posts: 2
Joined: 23.Mar.2006
Status: offline
Thanks for the reply---
I'm not sure.  The system suffered a fatal crash, and backups were corrupt. I'm rebuilding it, but this is my first experience with ISA. The original system was set up someone else and this is how they did it. I do know that before the crash, it worked fine using those same addresses.

I take it I should be using a range of addresses reserved from one of the inside subnets?

(in reply to tshinder)
Post #: 3
RE: routes thru adapter - 30.Mar.2006 4:33:32 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi P,

Try using DHCP and onsubnet addresses and see if that fixes the problem.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to PRieisa)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> General >> routes thru adapter Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts