configuration question (Full Version)

All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure


SnidelyW -> configuration question (9.Oct.2007 9:04:56 PM)

I have a simple configuration, one network segment behind an ISA Server 2004 Standard Edition firewall.  All addresses on the internal network are 192.168.1.x.  We just added some Cisco gear to do VOIP, and one of the Cisco boxes has an IP address of, and it wants to use NTP to get TOD updates.  This box is on the same segment  as the 192.168.1.x machines.

The gateway address for the network is, which is the IP address of one of the NICs on the ISA Server.  The other NIC on the ISA Server connects to the external router.

How do I setup the network configuration/definition and rule to allow the NTP traffic from through ISA server?  I get configuration errors trying simple things, like adding to the Internal Network definition, and the NTP packet out is always denied with an error in the ISA monitor trace.  I might be able to upgrade to ISA 2006 Standard Edition.



enricoklein -> RE: configuration question (10.Oct.2007 5:26:17 AM)


you say that the Cisco box is on the internal segment, but the IP subnet is different. What is your subnetmask? If you have a subnetmask of, the Cisco box in the 192.168.2.x range will not be able to reach the gateway

If the subnetmask is a class B mask ( then you should include the range in the Internal network on ISA.


SnidelyW -> RE: configuration question (10.Oct.2007 11:57:49 AM)

Thanks!  That's the key bit of information I needed. Great guess about my subnet mask based on the very limited information provided with my question!  [8|] I did indeed have the subnet mask set to on the internal network NIC of the ISA server.  [:o] Once I changed that, and the Internal network definition as you suggested, things began to flow very nicely.


enricoklein -> RE: configuration question (10.Oct.2007 12:07:34 PM)

Great! Thanks for the feedback.

Page: [1]