?
Solved

How to configure SBS 2000 ISA Server Web Proxy for DSL Connection

Posted on 2005-02-24
6
Medium Priority
?
1,076 Views
Last Modified: 2010-04-09
The following is our setup

SBS 2000 Server - AD, DNS, Exchange and ISA
Two NIC's
IP Routing Enabled
RRAS Enabled
IP route command
0.0.0.0    0.0.0.0     10.1.1.2    Default Route

Internet --------ADSL Router ---------------- North [xxxxxxxxx] South  ------- Internal Lan
      DHCP from ISP        10.1.1.1/8     10.1.1.2/8                  192.168.0.1/24

South:
Internal Lan
IP 192.168.0.1/24
DG: None
DNS : 192.168.0.1

North:
External Connection
IP 10.1.1.2/8
DG:10.1.1.1 (IP address of the ADSL Router)
DNS: 192.168.0.1

Configure Internet Connection Wizard for Full Time Broadband Router
Following services work fine
1. nslookup work all external domains
2. ping from 10.1.1.1 to all external domains including FQDN
3. Mail are picked up by the Small Business POP3 Connector
4. Mail are send sucessfully via Small Business SMTP connector
5. FTP works fine

From the DC 192.168.0.1
With and Without Proxy Server Settings. Browser Status Bar Shows the FQDN of the requested site
and Internal Clients

Following error message is shown in IE

HTTP 502 Proxy Error   ISA server dial out connection failed
Background message:
The Gateway could not retrieve the requested page

On the DC Server
Warning Message for Microsoft Web Proxy  Event ID 14142
Message: The DUN connection failed.


How to configure Microsoft Web Proxy to talk to the internet via the ADSL Router connected Nic and why is the ISA allowing the rest of the traffic

Regards

John
0
Comment
Question by:John P John
  • 3
  • 2
6 Comments
 
LVL 6

Expert Comment

by:_ruudsje_
ID: 13396093
Maybe this explains a bit....

North:
External Connection
IP 10.1.1.2/8
DG:10.1.1.1 (IP address of the ADSL Router)
DNS: 192.168.0.1  ------> should be external dns provider (isp)

External Interface should always have external dns ip addresses.
Why do some things work, cause you probably use dns forwarders in on you sbs

Check Internet NIC priority and LAN NIC -> Network connection control panel, click advanced, select advanced settings, adapters and bindings, select internet nic and click arrow down.....also deselect on internet nic -> client for ms networks, file and print sharing
0
 
LVL 35

Accepted Solution

by:
Bembi earned 1000 total points
ID: 13398761
As long as you have setup forwarders (within DNS), your setup is o.k., otherwise it yould not work.

But have a look at this:
http://support.microsoft.com/default.aspx?scid=kb;en-us;829621
(see second cause)

Also it may be, that you have configured a dial up connection  (ISDN card etc.) and set it as primary connection (instead of LAN). Have a look at your network connection settings. DSL is a permanent line to your server, not a dial up. Dialing is done by the DSL router / modem.
0
 
LVL 3

Author Comment

by:John P John
ID: 13399449
ruudjse, will check out the External DG changes once I am back at office
All NIC have been checked for priority and have it in the following order
Internal Nic
External Nic  NO MS and F&P Services
Remote

bembi's looks like the choice solution and it is targeting the exact issue faced by me.  And yes till 2 days back my internet connection was via the DUN ISDN, primary exit point out of our lan
0
Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

 
LVL 3

Author Comment

by:John P John
ID: 13399471
ruudjse, will check out the External DG changes once I am back at office. I had some issues with External DNS and that is why it was forwarded to internal DNS. All NIC have been checked for priority and have it in the following order
Internal Nic
External Nic  NO MS and F&P Services
Remote

ruudjse, even with external NIC DNS is the internal DNS, there has been no issues in relation to resolve names through any of the medium. And one of the MS KB talk about it also

bembi's looks like the choice solution and it is targeting the exact issue faced by me.  And yes till 2 days back my internet connection was via the DUN ISDN, primary exit point out of our lan

Will check these in about a few hours
0
 
LVL 3

Author Comment

by:John P John
ID: 13400745
bembi go to the solution
It was primarily my Default route setting which Had the primary route for the dial up
I knew it was something simple.  I changed the rest of the rule except the last route

Thanks for the help
0
 
LVL 35

Expert Comment

by:Bembi
ID: 13408386
You are welcome...
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Integration Management Part 2
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question