No announcement yet.

ISA 2004 External Interface Problem

  • Filter
  • Time
  • Show
Clear All
new posts

  • ISA 2004 External Interface Problem

    ISA 2004 on Win2K3 member server of private domain in home. 2 NIC's. When I connect cable modem to external interface of ISA box and set that interface to use DHCP, it gives me error message stating "Invalid Address - unable to aquire DHCP address". Tried different NIC, different straight through cable between, crossover cable between, ipconfig /release and /renew, etc., The interface "connects" but does not retrieve a DHCP address from the ISP. IP Address listed in ipconfig /all is with class A subnet mask. The ISP confirms that an DHCP address exists for my network but it might have been the one generated from before when my router/firewall was requesting a DHCP address. BTW, Internal interface is not connected at all. I am logged onto the ISA box with cached credentials and working only with the external NIC. Any ideas on why the box can't talk to the ISP? Do I have to configure a setup to inform the ISA server that this is the topology I am using?

  • #2
    So you have:

    Server with Nic for internet use -> Cable Modem -> ISP (Internet)

    You need:

    Static IP for Nic which is the same subnet as the Cable Modem IP -> IP Address for cable modem (set as your gateway address on your Nic) -> IP Address that is given by ISP is given to the cable modem NOT your Nic.

    Your Modem has the ISP Username and password (if im right). It connects to the internet, gets an IP address from your ISP. Then your server should be set to talk to you cable modem (using it as a gateway).

    Hope you understand my explanation (and I hope it is right!!!!)
    Server 2000 MCP
    Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog

    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **


    • #3
      ISA 2004 external NIC problem

      Yes, you are basically correct. It looks like this:
      ISA server w/ext. NIC set to DHCP -> cable modem -> ISP

      Normally it looks like this:
      Internal servers/workstations -> router/default gtwy -> cable modem -> ISP. DNS is running on the Win2K3 DC and all other computers refer to it for name resolution and the router for the default gtwy.

      The only difference that I see between the environment I am in and what you replied with is that the ISP is using DHCP by default. I do not have a static address. The upside of this is that once you are issued an address from their DHCP server, it rarely changes (unless of course you restart your machine and/or cable modem, causing another request to be sent. Since this is the case, the dynamic address issued is essentially a static address. For some reason, in this configuration, I am not getting the address and gateway assigned to my externally facing NIC via their DHCP environment and I don't know why. When I connect up my network the way that it works normally, the cable modem is directly attached to a Linksys Router/Firewall/Ethernet Switch/VPN Server that my internal network hangs off of. My workstations and servers can all use the public internet in this configuration. Of course, internally I am using static addresses on a private network segment but the external interface of the router is setup for DHCP. If the ISA server is setup to use DHCP on the external interface, there shouldn't be any reason in my mind that it wouldn't connect and obtain IP information, unless perhaps the ISA services themselves are prohibiting it. I will try stopping all the ISA services and connect again. I'll update you. pics coming in separate post.


      • #4
        Ok. I think you have misunderstood my message. Ill try to explain.

        Your cable modem has an ethernet interface? What is its ip address? What was the gateway of your clients in the previous setup?

        Then what you want is this:

        Internal nic (to lan):

        IP Address: 192.168.0.x (local network address)
        Gateway: Nothing

        External Nic (to ethernet modem):

        Ip address: (or one up from your cable modems ethernet ip address)
        Gateway: (or whatever your cable modems ethernet ip address is)

        Then your cable modem will get a DHCP address when it connects to the internet for its 'dialup' interface.

        Then your clients talk to the internal NIC address (as there gateway) and ISA (if setup properley) will forward on the details to the cable modem which will then trot off to the internet. But first get your ISA server browsing webpages first!
        Server 2000 MCP
        Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog

        ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **


        • #5
          ISA Server 2004 problem

          attached is current configuration and desired configuration
          Attached Files


          • #6
            What you need to understand is that your cable modem is not a DHCP server. It wont forward the IP address it gets from your ISP as IT needs it to connect to the internet. Your setup as it stands (original one) shows your router has DHCP on its external interface set-up... are you sure this is true???. Have a look at your Linksys management setup and see what ip address its external interface has got. Please post your findings.

            UPDATE: Take a look at this - hopefully it will explain things better.
            Attached Files
            Server 2000 MCP
            Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog

            ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **


            • #7
              I'm sorry I gave you the impression that I thought the cable modem was a DHCP server. I know that it is not. In fact, the DHCP server that serves the connection is at Charter Communications, the ISP. However, what I find is that the router is being assigned a DHCP address from Charters' DHCP server and I can't see any information regarding the cable modem at all. Yes it has an ethernet interface and therefore should have an address assisgned to it, but I have never been able to see that information and I don't believe that it is relavent to the problem at hand. The cable modem is doing it's job regardless. Generally the IP address that shows up on the routers external interface is a 24.x.x.x address, which jives out with their DNS IP's as well. So when the router is the device that is directly connected to the cable modem, and is setup for DHCP, the router's external interface gets a DHCP address from Charter and everything works great on the LAN. My problem seems to be that when I put the ISA server as the device that is directly connected to the cable modem, I am not able to get the DHCP address assigned to my external NIC on the server.

              I think what might be happening is that the ISA server is in "lockdown" mode, which can occur for a variety of reasons. I need to get a book on ISA so I learn more about it. I also don't think that I have my networks defined properly in ISA, which can prevent communication from occuring. When I get some time, hopefully this weekend, I will try to look deeper into this as the potential source of my trouble.


              • #8
                Re: ISA 2004 External Interface Problem

                I've Exactly the same problem with ISA server 2003 and my external interface card.

                external interface ethernet card connects with a cable modem motorola sb5100 which aquire dynamic ip address from the isp.....

                plz help me to solve this problem..



                • #9
                  Re: ISA 2004 External Interface Problem

                  The default ISA "System Policy" is to block DHCP connections etc. Did you checked this settings?
                  Also, the internal should have online adapter with static IP and without default gateway.
                  Also, is the ISA dial to cable modem? Try to use PPTP/PPPOE dial out for this connection + setup static IP for the external adapter.
                  I think that if you check the instructions how to setup single PC with the cable modem and NIC you will find the trick
                  Best Regards,

                  Yuval Sinay

                  LinkedIn:, Blog:


                  • #10
                    Re: ISA 2004 External Interface Problem

                    I have the exact same problem. The strange thing is that without ISA server installed there isnt any problems, then it gets ip adress instantly, so it is ISA server thats blocking for something.
                    Though I had fixed it, but cant remote my server anymore, so must be this problem again. Gonna try some stuff later today.


                    • #11
                      Re: ISA 2004 External Interface Problem


                      Try editing the system policy "Allow DHCP replies from DHCP servers to ISA Server" change the from to include external, this should allow you pick up your IP from your ISP