Welcome to ISAserver.org

Problem with ISP Redundancy - keeps failing over

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [Threat Management Gateway (TMG) 2010] >> General >> Problem with ISP Redundancy - keeps failing over

Page: [1]

Message

<< Older Topic Newer Topic >>

Problem with ISP Redundancy - keeps failing over - 13.Dec.2011 2:34:54 PM

jgwinner

Posts: 43
Joined: 11.Aug.2005
From: SoCal
Status: offline

I'm having a big problem with ISP Redundancy

From the O/S standpoint, everything is setup correctly; I can trace route through the primary connection without a problem. I can ping the gateway (running through a Dell Layer 3 switch) and the gateway's gateway.

However, about once a day, I get a single alert in the ISA console that says "Description: There is no local IP address on the External network available for connecting to ISP XO. " and it fails over.

There aren't any other configuration errors that I see on the system. It DOES have a local IP (in fact, it has 3, for each of the 3 servers it will be publishing).

I don't have a DNS server configured though, do I need one?

When I disable the backup Internet line, it will switch, I get a good tracert to www.google.com on the new ISP, but within 1 minute I get the error message again and it fails over.

ipconfig info:

quote:

Ethernet adapter New Internet:

Connection-specific DNS Suffix . :
IPv4 Address. . . . . . . . . . . : 16.2.123.202
Subnet Mask . . . . . . . . . . . : 255.255.255.248
IPv4 Address. . . . . . . . . . . : 16.2.123.203
Subnet Mask . . . . . . . . . . . : 255.255.255.248
IPv4 Address. . . . . . . . . . . : 16.2.123.204
Subnet Mask . . . . . . . . . . . : 255.255.255.248
Default Gateway . . . . . . . . . : 16.2.123.201

ROUTE PRINT:

===========================================================================
Interface List
15...00 1b 21 ac b1 13 ......Intel(R) PRO/1000 PT Dual Port Server Adapter #2
14...00 1b 21 ac b1 12 ......Intel(R) PRO/1000 PT Dual Port Server Adapter
12...00 13 72 fc 06 9d ......Broadcom NetXtreme Gigabit Ethernet #2
33...........................RAS (Dial In) Interface
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 16.2.123.201 16.2.123.202 2
0.0.0.0 0.0.0.0 67.222.238.241 67.222.238.244 40
67.222.238.240 255.255.255.248 On-link 67.222.238.244 276
67.222.238.244 255.255.255.255 On-link 67.222.238.244 276
67.222.238.247 255.255.255.255 On-link 67.222.238.244 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.222.253.0 255.255.255.0 On-link 192.222.253.234 266
192.222.253.37 255.255.255.255 On-link 192.222.253.37 306
192.222.253.234 255.255.255.255 On-link 192.222.253.234 266
192.222.253.255 255.255.255.255 On-link 192.222.253.234 266
16.2.123.200 255.255.255.248 On-link 16.2.123.202 257
16.2.123.202 255.255.255.255 On-link 16.2.123.202 257
16.2.123.203 255.255.255.255 On-link 16.2.123.202 257
16.2.123.204 255.255.255.255 On-link 16.2.123.202 257
16.2.123.207 255.255.255.255 On-link 16.2.123.202 257
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.222.253.234 266
224.0.0.0 240.0.0.0 On-link 16.2.123.202 257
224.0.0.0 240.0.0.0 On-link 192.222.253.37 306
224.0.0.0 240.0.0.0 On-link 67.222.238.244 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.222.253.234 266
255.255.255.255 255.255.255.255 On-link 16.2.123.202 257
255.255.255.255 255.255.255.255 On-link 192.222.253.37 306
255.255.255.255 255.255.255.255 On-link 67.222.238.244 276
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 16.2.123.201 1
0.0.0.0 0.0.0.0 67.222.238.241 Default
0.0.0.0 0.0.0.0 67.222.238.241 20
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 266 fe80::/64 On-link
12 266 fe80::b4fa:15fa:a4a8:5c1f/128
On-link
1 306 ff00::/8 On-link
12 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

I sanitized the IP's but you should get the idea.

Any ideas?

== John ==

Post #: 1

Featured Links*

RE: Problem with ISP Redundancy - keeps failing over - 13.Dec.2011 5:13:15 PM

jgwinner

Posts: 43
Joined: 11.Aug.2005
From: SoCal
Status: offline

I figured out my own problem.

When we first got the new ISP, they gave us 2 different sets of IP's

Set 1:
1.2.3.2
Gateway 1.2.3.1

Set 2:

5.6.7.2-6
Gateway 5.7.7.1

But no router. Before I reprogrammed my Dell 6248 to be a Layer 3 switch, I put the following IP's directly on the ISA server:

1.2.3.2
5.6.7.2
5.6.7.3
5.6.7.4

Gateway 1.2.3.1
and plugged it into the ISP's router.

This worked, and the ISP redundancy worked.

When I reprogrammed our L3 switch to route, and it took 1.2.3.2
and 5.6.7.1, then I set the default gateway in TMG to 5.6.7.1. That worked.

The mistake was on the ISP Redundancy tab, the default gateway was still set at 1.2.3.1, which didn't exist on the new ISA NIC ... it now only has:
5.6.7.2
5.6.7.3
5.6.7.4

It all seems to work now.

== John ==

(in reply to jgwinner)

Post #: 2