Solved

Virtual Server 2005 R2 and ISA 2006 TCP Connectivity Issues

Posted on 2006-11-16
5
271 Views
Last Modified: 2013-11-15
Hi All,

I am currently having a problem where I am using an ISA server as the default gateway for a Windows 2003 Server running SP1. This server is running in a virtual machine in Virtual Server 2005 R2. This server is able to establish TCP connections to anything without any problems. However, nothing can establish connections to it. What seems to happen is this server will respond to the incoming connection but the ISA server will drop the response with the error: FWX_E_TCP_NOT_SYN_PACKET_DROPPED. Does anyone have a solution for getting around this problem? I think it is an issue with Virtual Server since I cannot get physical Windows 2003 servers with the ISA server as their default gateway to duplicate this behaviour.

Thank you for your help in advance.
0
Comment
Question by:sandvine
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17963288
this suggests that the IP address being used on the VS is not listed in the internal address table on ISA. In the ISA gui, select monitoring - logging - click on start query. try to connect now from the box, what do you see in the log? The error is saying the ISA is seeing traffic come from an address that it thinks is external to the internal LAN. Because there is not a traffic-flow set, there is no three-way handshake to start the conversation ie it is not SYN trafic and this will be handled by the stateful packet inspection (SPI) functions e.g. it will be dropped.

open the configuration - networks - double-click internal. open the addresses tab, has ISA got the internal IP address of the VS server included?
0
 

Author Comment

by:sandvine
ID: 18097732
Thank you for the response. I found out that the problem was. It was a router on my network sending ICMP redirects which from my research seems to be incompatible with ISA.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 18102893
Interesting as I've not come across such incompatibilities. However, thanks for letting us know.
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 18256690
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

VM backups can be lost due to a number of reasons: accidental backup deletion, backup file corruption, disk failure, lost or stolen hardware, malicious attack, or due to some other undesired and unpredicted event. Thus, having more than one copy of …
Create your own, high-performance VM backup appliance by installing NAKIVO Backup & Replication directly onto a Synology NAS!
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question