I've a MS ISA 2006 with SP 1 Server running on Windows 2003 with SP2. Internet is working for Local host & Internal CLient PCs also. But When I logging to Internet through this ISA Server , some web sites it doesn't open. it comes a Error. Please find the Below Content regading this Error.
Technical Information (for support personnel) Error Code 11001: Host not found Background: This error indicates that the gateway could not find the IP address of the website you are trying to access. This is usually due to a DNS-related error. Date: 3/16/2010 11:05:31 AM [GMT] Server: WTC-ISA-07.expo.ad Source: DNS error
From: Taylorville, IL
Everything on the LAN is supposed to use the same DNS scheme.
Everything on the LAN (including the ISA) is supposed to use the AD/DC/DNS for the DNS and never anything else. You then add a Forwarder within the Config of the DNS Service on the DNS Server that points to an external DNS Server such as your ISP or a service like www.opendns.com
Make sure the first Rule at the top of the Rule List on the ISA is an Anonymous Outbound DNS Access Rule that allows the AD/DC/DNS to make outbound DNS Queries to the DNS listed as the Forwarder.
The ISA should have the AD/DC/DNS listed as the DNS Server on the Itnernal Nic,...the External Nic is supposed to be blank for the DNS.
As per you told i did it. But no any changes. Problem is there yet.
Furthermore I'm providing more details.
LAN NIC Settings -
IP Add - 10.2.1.25 Subnet Mask - 255.255.255.0 Default Gate Way - Preferred DNS - 10.2.1.4 (Internal DC ) Alternative DNS - 10.1.2.4 (Internal DC )
WAN NIC Settings -
IP Add - 192.168.3.20 Subnet Mask - 255.255.255.0 Default Gateway - 192.168.3.1 ( ADSL Router IP ) Preferred DNS - 188.8.131.52( Provided by ISP ) Alternative DNS - 184.108.40.206(Provided by ISP )
I've added the Routeing or our Remote Locations (IP/VPN) Connection also. paralley added these networks in ISA Network also.
But Still Can' go to Some websites. I formatted few Times also. problem is same. Everytime it comes after 1day install this ISA Server.Further I've configured another ISA server with using this DNS Settings also. Kindly please advise me. Regards,
Yes, you must remove the ISP DNS servers on the external interface of the firewall, then you must configure your internal DNS server to prefrom recursion or use a forwarder, and then configure the firewall to allow outbound DNS for the DNS server.