Announcement

Collapse
No announcement yet.

ISA Server 2004 connectivity

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • ISA Server 2004 connectivity

    Hi

    I installed W2003S on a new box, joined the domain and then installed ISA. This server is running on the LAN. None of the other clients on the LAN can ping ISA, but the weird thing is that ISA can ping anyone. ISA doesn't show in the network browsing window but it shows in Active Directory. I already checked the system policy settings and it allows incoming ICMP packets.
    Please help?


    Regards
    Goldfish

  • #2
    Silly question but have you configured any packet filters... or is the firewall active on the LAN card?

    Not an ISA expert i'm afraid.
    Server 2000 MCP
    Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

    Comment


    • #3
      ISA 2004 Connectivity

      Hi
      Firewall not active on LAN card either.

      In W2003Server the firewall is turned off. The ISA firewall in turned on with the system policy config enjoying preference. If I turn the firewall off, ISA goes into lockdown mode which means that no communication goes in or out. So that's not an option.

      ISA 2000 is fairly simple but, I can't find the packet filtering function in ISA 2004. Maybe you can help?

      Thanx

      Comment


      • #4
        Like i said i'm not an ISA 2004 expert, we run Cisco PIX firewalls. All i can recommend until someone else posts is to take a look at:

        http://www.isaserver.org/articles_tu...ation_general/

        Hope this helps until one of the other residents has a look at this thred.
        Server 2000 MCP
        Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

        ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

        Comment


        • #5
          just a thought...
          isn't it that you should create an allow rule from the internal network to the NIC from isa

          something like this:
          Source: Internal Network
          Destination: Internal NIC of the ISA 2004 server
          protocol: ICMP
          Action: Allow
          Condition: All users
          Marcel
          Technical Consultant
          Netherlands
          http://www.phetios.com
          http://blog.nessus.nl

          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
          "No matter how secure, there is always the human factor."

          "Enjoy life today, tomorrow may never come."
          "If you're going through hell, keep going. ~Winston Churchill"

          Comment


          • #6
            Hi

            Thanx for the input Dumber, but I already created a system policy allowing all ICMP packets from the internal network. The fact that ISA can ping the LAN but not the other way around definately suggests a firewall issue, but what? I have no arrays which can override this allow policy either. I'm lost....

            Comment


            • #7
              Hi toneyyeb

              Thanx for the url, but already scrutinized that site and it's not of much help with this particular issue.

              Thanx

              Comment


              • #8
                ISA 2004 Connecting to Domain

                Hi

                I still haven't solved my ping issue, but I discovered an error in the event log stating that the Server cannot be updated because it can't contact the Domain cotroller "either doesn't exist or can not be contacted"

                Please help with this error if you can?

                Thanx
                G

                Comment

                Working...
                X