We've installed ISA server in cache mode on a windows 2000 server. We are running dual intel nic's in load balancing mode. The server was just installed on Saturday.
1.) This morning we come in to find that there are a bunch of static routes added to the routing table. The IP addresses are from different sites (yahoo.com, hotmail.com, etc). The default route on the ISA server is our primary router at corporate. This router then directs all internet traffic to our Checkpoint firewall. The new routes in the ISA server point to the internal NIC of our Checkpoint firewall (as opposed to the default route of the corporate router). If I set the default route as the internal nic of the checkpoint firewall, nothing gets out. Why is the servers routing table being populated with routes to the checkpoint firewall as opposed to using the default route.
2.) We have the the access policy in ISA set to allow "All IP Traffic" out to any destination. We use our checkpoint firewall and websense to block and monitor specific traffic. When people try to stream certain internet radio stations, they get an error. The website that is posting the error is http://www.midi1.com
The Technical Information on the page says the following:
This error indicates that the gateway could not find the IP address of the website you are trying to access
-ISA Server: NETPROXY.xyz.com
Time: 11/10/2003 3:19:27 PM GMT
This error occurred at 10:19 AM EST. I've checked the time on our ISA server and it appears to be accurate. I know that some routing is time sensitive and I wonder if this could be the problem. Does our checkpoint firewall, ISA server, and Corporate Router all need to be on the same time (precisely...they are currently all within a minute or so of eachother)? Or is this a routing issue? Thanks for your help. This is the most valuable site I've found for this kind of info.