• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA 2006 Routing Issues

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> General >> ISA 2006 Routing Issues Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA 2006 Routing Issues - 4.Feb.2009 2:29:53 PM   
chaz_scott0049

 

Posts: 2
Joined: 4.Feb.2009
Status: offline
Hi there to all,
 
I must really apologise if there is already an article which covers this issue, however I couldn't find any relevant resources, and am quickly running out of hair to pull out!!
 
Situation:
 
Internal LAN: 192.168.0.x/24 -> Gateway 192.168.0.254
ISA Server: 2 NICs
NIC 1: 192.168.0.254 -> Gateway 192.168.0.254
NIC 2: 192.168.10.1 -> Gateway Empty
External LAN: 192.168.10.x/24
DSL Modem: 192.168.10.254
 
There are no static routes configured in RRAS as setting any has not achieved anything. I am only new to ISA 2006 and have become quickly confused with the issues that are in the box.
 
From the ISA server, I can ping both subnets however, from clients within each subnet I can't ping the other subnet. Also, I can't access any internet resources from the ISA server.
 
Please can someone advise how I can continue? I need all clients in the 192.168.0.x/24 subnet to have access to the internet and also to give external clients (internet) access to the OWA and web servers within the 192.168.0.x/24 subnet.
 
Help...
Post #: 1
RE: ISA 2006 Routing Issues - 4.Feb.2009 10:40:34 PM   
richardhicks

 

Posts: 477
Joined: 20.Jan.2009
From: Southern California
Status: offline
The default gateway needs to be placed on the external network interface.  The internal network interface will require static routes to any internal remote subnets that need to reach your ISA firewall.

_____________________________

Richard Hicks - Forefront MVP
http://tmgblog.richardhicks.com/
http://directaccess.richardhicks.com/

(in reply to chaz_scott0049)
Post #: 2
RE: ISA 2006 Routing Issues - 5.Feb.2009 6:56:20 AM   
chaz_scott0049

 

Posts: 2
Joined: 4.Feb.2009
Status: offline
Thanks Richard,
 
There is now internet access on the network, however there are two other issues that I've now got to tackle:
 
1. Users are able to access sites not on the Trusted Sites group within ISA
2. Access to the internet is not getting logged against the user's credentials
3. I'm now getting this error in the Best Practice Analyzer:
 

Events that triggered the alert:
05/02/2009 10:40:19 - The server publishing rule Mail Servers IMAPS Server failed because there was no valid network listener. For requests to reach the published server there must be a network relationship between the selected listener networks and the published server. Error location: 325.957.5.0.5720.100.
The failure is due to error: 0x8007000d
 
Any Ideas?

(in reply to richardhicks)
Post #: 3
RE: ISA 2006 Routing Issues - 5.Feb.2009 10:57:05 AM   
richardhicks

 

Posts: 477
Joined: 20.Jan.2009
From: Southern California
Status: offline
Sounds like you'll need to require authentication on your access rules.  At a minimum if you include the 'all authenticated users' group you will see user credentials in your access logs.  With regard to the publishing rule issue, my suggestion would be to delete the rule and re-create it.

_____________________________

Richard Hicks - Forefront MVP
http://tmgblog.richardhicks.com/
http://directaccess.richardhicks.com/

(in reply to chaz_scott0049)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> General >> ISA 2006 Routing Issues Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts