• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Perimeter Networks Unavailable When Internet Down

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure >> Perimeter Networks Unavailable When Internet Down Page: [1]
Login
Message << Older Topic   Newer Topic >>
Perimeter Networks Unavailable When Internet Down - 6.Jan.2007 10:04:13 AM   
tonygauderman

 

Posts: 107
Joined: 6.Feb.2006
Status: offline
Yesterday, after an incompetent construction company cut through a bundle of fibers leaving us without internet, long distance, and a few WAN links, I discovered a strange problem with my ISA 2004 Configuration.  I could not connect to my two perimeter networks when the internet was down.   My network topology as as shown below...
 
                     Internet
                        |
                        |
                      Router
                        |
                        |
                      PIX (NAT's)
                        |
                        |
                DMZ1---ISA---DMZ2
                        |
                        |
           Internal Network (Layer 3 Switch)
 
The Network Relationships are as follows
External to all other networks - NAT
DMZ1 & DMZ2 to Internal - Route
 
When the T1 on the internet router went down, access to DMZ1 and DMZ2 went away.  After spending time verifying the route tables on the ISA server, client computers, and on the L3 switch on the Internal Network, and finding nothing, I had one strange idea.  I have a single default gateway defined on the external interface of the ISA server pointed, as you are supposed to.  I configured the external interface to have NO default gateway, and to my amazement, access to DMZ1 and DMZ2 was restored.  Several hours later, after the T1 was up again, I put the default gateway back in, and all is working as before.  Any ideas why a physical interface two hops removed from the outside interface of the ISA server would have any bearing on traffic to DMZ1 and DMZ2?
 
Thanks in advance.
Tony

 
Post #: 1

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure >> Perimeter Networks Unavailable When Internet Down Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts