• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

WINS Proxy and/or 0xc0040014 ?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure >> WINS Proxy and/or 0xc0040014 ? Page: [1]
Login
Message << Older Topic   Newer Topic >>
WINS Proxy and/or 0xc0040014 ? - 10.Sep.2004 5:49:00 PM   
grinn253

 

Posts: 76
Joined: 12.Jul.2004
From: Seattle
Status: offline
Hello again! "[Smile]"

Appears that our ISA 2k4 setup may almost be close to completion. Here is the setup:

External NIC = 128.208.125.85 /26
Internal NIC = 128.208.125.19 /26
Clients NIC = 192.168.125.100 /24

Every NIC for ISA is on its own network, we have put the client workstations on the 'Client network' and the servers on the 'internal network' So far traffic/policy is working pleasureful between the internal/external/client networks.

Except that when client workstations broadcast what i believe is a name query to 192.168.125.255, ISA denies the conection (port 138) with a result code of:
quote:
0xc0040014 FWX_EFWE_SPOOFING_PACKET_DROPPED
What then happens is when viewing a file such as a .doc that is stored on a network file server, the connection is lost (ISA produces the 0xc0040014 code) and Word, asks the user to reconnect to the server or exit.

So, I created a Lmhosts file for workstations that #PRE and #DOM the fileservers and also has \0x1b \0x1d entries for a DC.

The workstations still wanted to broadcast (bypassing lmhosts file?) but nbtstat -c shows that indeed the lmhosts file is being parsed correctly (determined by life -1)

Finally, would someone be kind to let me know how isa can allow the 192.168.125.255 broadcast traffic? I'm going to regedit ISA to enable it as a WINS Proxy to see if that helps, in the mean time, thank you for your time! "[Razz]"

Edgardo

p.s. a good article on WINS Proxy: "[Wink]"
WINS Proxy

[ September 10, 2004, 05:51 PM: Message edited by: grinn253 ]
Post #: 1
RE: WINS Proxy and/or 0xc0040014 ? - 13.Sep.2004 7:48:00 PM   
grinn253

 

Posts: 76
Joined: 12.Jul.2004
From: Seattle
Status: offline
Setting ISA as WINS Proxy did nothing to accept the broadcasts to 192.168.125.255.

I'm also noticing:
quote:
0xc0040017 FWX_E_TCP_NOT_SYN_PACKET_DROPPED
when clients 192.168.x.x. are accessing internal 128.208.125.x

[Embarrassed] However by changing the broadcast address in the registry to 128.208.125.255, ISA passes the broadcasts [Big Grin] and the client workstations appear to hold their connections to MS Word documents longer. Originally was timing out ~5 seconds to 5 minutes. Now seems to time out more often when saving, rather than just during typing, or viewing of the file.

I'm now going to try editing keepalivetime & sessionkeepalive time in the registry on client workstations to see if it will keep communications with ISA (when MS Word/documents are open) active.

Goodbye,
Edgardo

(in reply to grinn253)
Post #: 2
RE: WINS Proxy and/or 0xc0040014 ? - 14.Sep.2004 7:55:00 PM   
penrose.l@2college.nl

 

Posts: 474
Joined: 29.Jan.2004
From: Netherlands
Status: offline
Hey Grinn,

Let me guess you have a NAT relationship ?
check this out. I spent 4 weeks to find where this error originates.

KB 301673 ű ˘You Cannot Make More Than One Client Connection Over a NAT Device÷ describes the issue. See http://support.microsoft.com/default.aspx?scid=kb;en-us;301673 for more details

This should definately be a sticky ( tom ? ) because it's a big problem with ISA.

Lex P.

(in reply to grinn253)
Post #: 3
RE: WINS Proxy and/or 0xc0040014 ? - 15.Sep.2004 4:29:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Lex,

Why not just disable NetBIOS on the clients and use DNS? Or how about just using a WINS server to get rid of the broadcasts, and finally, disable the dreaded browser service on all hosts.

HTH,
Tom

(in reply to grinn253)
Post #: 4
RE: WINS Proxy and/or 0xc0040014 ? - 15.Sep.2004 4:31:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
quote:
Originally posted by Lex Penrose:
Hey Grinn,

Let me guess you have a NAT relationship ?
check this out. I spent 4 weeks to find where this error originates.

KB 301673 ű ˘You Cannot Make More Than One Client Connection Over a NAT Device÷ describes the issue. See http://support.microsoft.com/default.aspx?scid=kb;en-us;301673 for more details

This should definately be a sticky ( tom ? ) because it's a big problem with ISA.

Lex P.

Hi Lex,

All Internal networks should be routed, so that NAT issue isn't an issue. Are you NATing between internal networks? If so, why? There are a lot of disadvatages and few if any advantages.

HTH,
Tom

(in reply to grinn253)
Post #: 5
RE: WINS Proxy and/or 0xc0040014 ? - 15.Sep.2004 7:22:00 PM   
grinn253

 

Posts: 76
Joined: 12.Jul.2004
From: Seattle
Status: offline
quote:
Originally posted by tshinder:
Why not just disable NetBIOS on the clients and use DNS? Or how about just using a WINS server to get rid of the broadcasts, and finally, disable the dreaded browser service on all hosts.

Hello, yes disabling NetBIOS on the clients also appears to work, however a machine we connect to via trust, is still on NT 4.0 so traffic to that machine isn't able to only use port 445 [Frown]

Browser service is already disabled on client workstations, WINS server already in place as well.

Lex, thanks a lot for your link! So far looks good, i'll relay a little more when a little more tests are run.

Edgardo

(in reply to grinn253)
Post #: 6
RE: WINS Proxy and/or 0xc0040014 ? - 16.Sep.2004 10:45:00 PM   
penrose.l@2college.nl

 

Posts: 474
Joined: 29.Jan.2004
From: Netherlands
Status: offline
hi ,

I remember something deep in my head that disabling netbios is bad. Something with GPO processing if I remember well.

anyway , if it helps it helps [Smile]

LexP

ps : NAT = for publishing other than websites internally on the ISA

(in reply to grinn253)
Post #: 7

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure >> WINS Proxy and/or 0xc0040014 ? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts