Access Policy 2 Error -Forced to Reinstall (Full Version)


Budmaas -> Access Policy 2 Error -Forced to Reinstall (11.Jun.2008 5:05:58 AM)

Hi all

Can anybody find the error in the following Access Policy 2?

Policy name - Email only & locked IPs [ doesn't matter ]
Rule Action - Allow
Protocol - Selected Protocol [ POP3 & SMTP ] only
or
Rule Action - Deny
Protocol - HTTP
[Tested both ways]

Access rule - All network & local host
Access rule destination - All network & local host.
All users


Please find the error in this access policy.
While using ISA 2004 & 2006 and creating policy 2, Internet & email stop, and the only way to get them back is to uninstall & install it again.

Please check the policy, in case I'm making a mistake.




paulo.oliveira -> RE: Access Policy 2 Error -Reinstalling is the solution (11.Jun.2008 4:25:48 PM)

Hi,

If you are trying to allow internet access and pop3/smtp access to the users on your internal network, the rules should be the following:

Rule#: 1
Rule name: Allow Internet Access; [ doesn't matter ]
Action: Allow;
Protocol: HTTP;
Source: Internal;
Destination: External;
User: All users (or user set defined by you)

Rule#: 2
Rule name: Allow Access To POP3/SMTP ; [ doesn't matter ]
Action: Allow;
Protocol: POP3, SMTP;
Source: Internal;
Destination: External;
User: All users (or user set defined by you)

Regards,
Paulo Oliveira.




Budmaas -> RE: Access Policy 2 Error -Reinstalling is the solution (17.Jun.2008 11:38:24 AM)

quote:

ORIGINAL: paulo.oliveira

Hi,

If you are trying to allow internet access and pop3/smtp access to the users on your internal network, the rules should be the following:

Rule#: 1
Rule name: Allow Internet Access; [ doesn't matter ]
Action: Allow;
Protocol: HTTP;
Source: Internal;
Destination: External;
User: All users (or user set defined by you)

Rule#: 2
Rule name: Allow Access To POP3/SMTP ; [ doesn't matter ]
Action: Allow;
Protocol: POP3, SMTP;
Source: Internal;
Destination: External;
User: All users (or user set defined by you)

Regards,
Paulo Oliveira.


It looks like separate policies.
My current policy is like this:

Action - Allow
Protocol - All outbound
From - all network ( local host )
To - all network ( local host )
Condition - all users.
The above policy is against the default rule of ISA 2006, auto-created during installation.

My requirement is:

2 policies - one for internet & the other for email only

Internet users IP => 192.168.1.1 - 7 && 192.168.1.200 to 230

Email users are => 192.168.1.8 - 200 && 192.168.1.231 to 254

Is it possible this way?
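An added example, not part of any post in this thread and not ISA Server code: a small Python model of the two address sets from the post above, which checks them for overlap and evaluates an ordered rule list with a final default deny. The rule names, the tuple layout and the choice to limit the first rule to HTTP (as in Paulo's Rule 1) are assumptions made for illustration.

```python
from ipaddress import IPv4Address as IP

# Address ranges exactly as stated in the post (inclusive start/end).
INTERNET_USERS = [("192.168.1.1", "192.168.1.7"), ("192.168.1.200", "192.168.1.230")]
EMAIL_USERS = [("192.168.1.8", "192.168.1.200"), ("192.168.1.231", "192.168.1.254")]

def in_set(addr, ranges):
    """True if addr falls inside any inclusive (start, end) range."""
    a = IP(addr)
    return any(IP(lo) <= a <= IP(hi) for lo, hi in ranges)

def overlap(set_a, set_b):
    """Return the inclusive (start, end) spans that both sets claim."""
    spans = []
    for lo_a, hi_a in set_a:
        for lo_b, hi_b in set_b:
            lo, hi = max(IP(lo_a), IP(lo_b)), min(IP(hi_a), IP(hi_b))
            if lo <= hi:
                spans.append((str(lo), str(hi)))
    return spans

# Hypothetical ordered rule list: (name, action, protocols, source set).
# Names and layout are illustrative, not ISA Server objects.
RULES = [
    ("Internet users", "allow", {"HTTP"}, INTERNET_USERS),
    ("Email only", "allow", {"POP3", "SMTP"}, EMAIL_USERS),
]

def evaluate(src, protocol, rules=RULES):
    """First matching rule wins; unmatched traffic hits the final default deny."""
    for name, action, protocols, sources in rules:
        if protocol in protocols and in_set(src, sources):
            return action, name
    return "deny", "Default rule"

if __name__ == "__main__":
    print("claimed by both sets:", overlap(INTERNET_USERS, EMAIL_USERS))
    for src, proto in [("192.168.1.5", "HTTP"), ("192.168.1.50", "HTTP"),
                       ("192.168.1.50", "SMTP"), ("192.168.1.200", "HTTP")]:
        print(src, proto, evaluate(src, proto))
```

With the ranges as written, 192.168.1.200 belongs to both sets, so that host matches the HTTP rule as well as the email rule.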




Budmaas -> RE: Access Policy 2 Error -Reinstalling is the solution (18.Jun.2008 6:28:55 AM)

In addition to the above, the error I have seen is

http://ieframe.dll//dnserror.htm

This error used to come when I created access rule 2 to deny HTTP access for a certain range of IPs on the network.

Once this error starts, ISA 2004 & 2006 stops everything & never lets internet access start until I re-install ISA 2004/2006 again.

Looks like an amazing error, or maybe I'm doing something wrong every time.

???




bhavin78 -> RE: Access Policy 2 Error -Reinstalling is the solution (19.Jun.2008 2:17:46 PM)

Did you check logs?




Budmaas -> RE: Access Policy 2 Error -Reinstalling is the solution (21.Jun.2008 5:04:12 AM)

quote:

ORIGINAL: bhavin78

Did you check logs?







Alert Information
Description: ISA Server detected routes through the network adapter SAT Connection that do not correlate with the network to which this network adapter belongs. When networks are configured correctly, the IP address ranges included in each array-level network must include all IP addresses that are routable through its network adapters according to their routing tables. Otherwise valid packets may be dropped as spoofed. The following ranges are included in the network's IP address ranges but are not routable through any of the network's adapters: 192.168.0.0-192.168.0.0;192.168.1.255-192.168.255.255;.
Note that this event may be generated once after you add a route, create a remote site network, or configure Network Load Balancing and may be safely ignored if it does not re-occur. 

My strange problem is: I cannot create 2-3 access policies. Whenever I try to create one more, access for users goes off & it cannot be restored until I uninstall & install ISA 2004/2006.





Budmaas -> RE: Access Policy 2 Error -Reinstalling is the solution (23.Jun.2008 8:33:46 AM)

Updating the issue.
It may be the reason for those errors above.

I have 2 NICs in this server & the SAT NIC is DHCP enabled.
Do I need to make a policy for this NIC also, specifying the range of IPs?

Just checking?
