• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Odd problem!

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> General >> Odd problem! Page: [1]
Login
Message << Older Topic   Newer Topic >>
Odd problem! - 1.Dec.2009 2:31:15 AM   
hoomi_mcse

 

Posts: 12
Joined: 10.Nov.2009
Status: offline
Hey guyz I have a really strange problem!!

I create a rule in order to filter some domain names and URLs set for a group or some users and it works well but when I apply this rule DHCP stop working!!!! I mean no computer can get IP from DHCP anymore despite DHCP server doesn't show any problem and as soon as I delete the rule DHCP starts working again!!
here is the rule:
Protocols: all protocols
Source Network: Internal
Destinition Netwok:  specific Domains and URLS
Users: Specifric Users

what do you think is the problem?
Post #: 1
RE: Odd problem! - 1.Dec.2009 2:41:41 AM   
hoomi_mcse

 

Posts: 12
Joined: 10.Nov.2009
Status: offline
it's funny! just when I was typing this topic I realized I can select only http and https protocols . and then DHCP problem had been solved!!

but still it's a question to me why DHCP stopped working   with this rule when all protocols was selected?

(in reply to hoomi_mcse)
Post #: 2
RE: Odd problem! - 1.Dec.2009 1:12:49 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

this should answer your question:
quote:


 Ordering DHCP Request Rules
The destination of DHCP requests is a broadcast address. ISA Server does not perform name resolution for broadcast traffic, but rather denies it. If there is an allow or deny rule that may match the DHCP request and requires name resolution, and that rule is higher in the rule order than the DHCP request rule you have created, DHCP traffic may be denied.
A rule requiring name resolution contains either a domain name set or a URL set in the destination (To) criterion. Note that if there are other criteria in the rule that do not match a DHCP request, there is no conflict.
To avoid conflict, ensure that the rule you have configured to allow DHCP requests is higher in the rule order than any other rule that uses name resolution that may match the DHCP request. This principle is shown in the following example.
This rule will not work:

  • Deny all protocols from www.attack.com
  • Allow DHCP requests from internal to local host
This rule will work:

  • Deny HTTP protocol from www.attack.com
  • Allow DHCP requests from internal to local host
This rule will work:
  • Allow DHCP requests from internal to local host
  • Deny all protocols from www.attack.com

Source: http://technet.microsoft.com/en-gb/library/cc302680.aspx



Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to hoomi_mcse)
Post #: 3
RE: Odd problem! - 2.Dec.2009 12:54:32 AM   
hoomi_mcse

 

Posts: 12
Joined: 10.Nov.2009
Status: offline
wow that's exactly explanation of my problem. thank alot , first I was using the same example and DHCP stopped working but then I tried 2nd example and it worked but I found it out before reading it and it's cool to read it now to understand  the problem .
thank alot

(in reply to paulo.oliveira)
Post #: 4
RE: Odd problem! - 2.Dec.2009 1:21:32 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Cool!

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to hoomi_mcse)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> General >> Odd problem! Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts