• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA 2k4 and DHCP Spoofing

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> General >> ISA 2k4 and DHCP Spoofing Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA 2k4 and DHCP Spoofing - 29.Feb.2004 12:16:00 AM   
Linke Loe

 

Posts: 57
Joined: 1.Oct.2003
From: Utrecht, Netherlands
Status: offline
Hi all.

A while ago, I tried to setup my SpeedTouch 510 ADSL modem with DHCP-spoofing. My ISA 2000 server received the correct IP-address and after enabling the built-in DHCP-client packet filter, my internet connection was stable.

After upgrading to ISA 2004, my internet connection isn't stable anymore when using DHCP-spoofing. I created access rules allowing all trafic on ports 67 and 68 from localhost to external network and vice versa, but nothing helps. I also adapted the DHCP lease time in the modem's config, but still, my modem keeps on disconnecting and after a second or two it connects again.

Has anyone seen this kind of behaviour and does anyone know of a solution?
Post #: 1
RE: ISA 2k4 and DHCP Spoofing - 5.Mar.2004 4:29:00 PM   
Linke Loe

 

Posts: 57
Joined: 1.Oct.2003
From: Utrecht, Netherlands
Status: offline
Hmmm, I guess nobody knows the answer to this...

Isn't there a way to do the exact same thing as the 'DHCP-client' packet-filter in ISA 2k does?

(in reply to Linke Loe)
Post #: 2
RE: ISA 2k4 and DHCP Spoofing - 7.Mar.2004 5:04:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Linke,

The default System Policy allows the ISA firewall to be a DHCP client. I tested this a few weeks ago and it works fine.

HTH,
Tom

(in reply to Linke Loe)
Post #: 3
RE: ISA 2k4 and DHCP Spoofing - 8.Mar.2004 4:16:00 PM   
Linke Loe

 

Posts: 57
Joined: 1.Oct.2003
From: Utrecht, Netherlands
Status: offline
In my situation it doesn't. My Internet is disconnected when idle for a few minutes. The disconnection lasts about 3 secondsand then Internet comes up again.
3 Seconds is not long, but long enough to be very annoying. My guess was it had something to do with the DHCP-lease. The standard lease-time is 30 seconds. When I extend the lease-time, the internet-connection goes down again and doesn't come up on it's own, until the lease has expired.

In ISA 2000 this worked perfect after enabling the standard DHCP-client packet filter.

(in reply to Linke Loe)
Post #: 4
RE: ISA 2k4 and DHCP Spoofing - 11.Mar.2004 1:23:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Linke,

I'll have to check this out. I just noticed that the IP address was received, but I didn't test for any latencies like what you're seeing.

Thanks!
Tom

(in reply to Linke Loe)
Post #: 5
RE: ISA 2k4 and DHCP Spoofing - 11.Mar.2004 9:39:00 PM   
Linke Loe

 

Posts: 57
Joined: 1.Oct.2003
From: Utrecht, Netherlands
Status: offline
Ok, thanks Tom.

(in reply to Linke Loe)
Post #: 6
RE: ISA 2k4 and DHCP Spoofing - 13.Mar.2004 9:55:00 AM   
Linke Loe

 

Posts: 57
Joined: 1.Oct.2003
From: Utrecht, Netherlands
Status: offline
I've found out what really happens. When the DHCP-lease has expired, my ISA server should require a new DHCP-lease. The time my ISA server is requesting a new lease, the CPU utilization is at 100%. The services wspsrv.exe and isastg.exe are both at 50%.

(in reply to Linke Loe)
Post #: 7
RE: ISA 2k4 and DHCP Spoofing - 15.Mar.2004 3:52:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Linke,

Does this happen only when the lease is expired, or does the processor peg at other times too?

Thanks!
Tom

(in reply to Linke Loe)
Post #: 8
RE: ISA 2k4 and DHCP Spoofing - 15.Mar.2004 5:24:00 PM   
Linke Loe

 

Posts: 57
Joined: 1.Oct.2003
From: Utrecht, Netherlands
Status: offline
This happens only when the lease has expired.

(in reply to Linke Loe)
Post #: 9
RE: ISA 2k4 and DHCP Spoofing - 15.Mar.2004 11:19:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Linke,

Interesting. I'll see if I can repro it.

Thanks!
Tom

(in reply to Linke Loe)
Post #: 10
RE: ISA 2k4 and DHCP Spoofing - 19.Apr.2004 12:16:00 PM   
Linke Loe

 

Posts: 57
Joined: 1.Oct.2003
From: Utrecht, Netherlands
Status: offline
Hi Tom.

Have you tried to repro my problem yet? I'm hoping I can find an answer to my problem...

Thanks.

(in reply to Linke Loe)
Post #: 11
RE: ISA 2k4 and DHCP Spoofing - 23.Apr.2004 12:11:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Linke,

I could not repro it. It might be that the DHCP support has been fixed in subsequent builds. So, the final release code should not show this problem.

HTH,
Tom

(in reply to Linke Loe)
Post #: 12
RE: ISA 2k4 and DHCP Spoofing - 26.Apr.2004 11:50:00 AM   
Linke Loe

 

Posts: 57
Joined: 1.Oct.2003
From: Utrecht, Netherlands
Status: offline
Thanks for the effort. I'll wait until the realease before I try to setup DHCP-spoofing again.

(in reply to Linke Loe)
Post #: 13
RE: ISA 2k4 and DHCP Spoofing - 26.Apr.2004 11:58:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Linke,

You bet! I think you'll find the subsequent builds much better.

Thanks!
Tom

(in reply to Linke Loe)
Post #: 14

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> General >> ISA 2k4 and DHCP Spoofing Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts