Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Virtual Server 2005 R2 and ISA 2006 TCP Connectivity Issues

Posted on 2006-11-16
5
Medium Priority
?
272 Views
Last Modified: 2013-11-15
Hi All,

I am currently having a problem where I am using an ISA server as the default gateway for a Windows 2003 Server running SP1. This server is running in a virtual machine in Virtual Server 2005 R2. This server is able to establish TCP connections to anything without any problems. However, nothing can establish connections to it. What seems to happen is this server will respond to the incoming connection but the ISA server will drop the response with the error: FWX_E_TCP_NOT_SYN_PACKET_DROPPED. Does anyone have a solution for getting around this problem? I think it is an issue with Virtual Server since I cannot get physical Windows 2003 servers with the ISA server as their default gateway to duplicate this behaviour.

Thank you for your help in advance.
0
Comment
Question by:sandvine
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17963288
this suggests that the IP address being used on the VS is not listed in the internal address table on ISA. In the ISA gui, select monitoring - logging - click on start query. try to connect now from the box, what do you see in the log? The error is saying the ISA is seeing traffic come from an address that it thinks is external to the internal LAN. Because there is not a traffic-flow set, there is no three-way handshake to start the conversation ie it is not SYN trafic and this will be handled by the stateful packet inspection (SPI) functions e.g. it will be dropped.

open the configuration - networks - double-click internal. open the addresses tab, has ISA got the internal IP address of the VS server included?
0
 

Author Comment

by:sandvine
ID: 18097732
Thank you for the response. I found out that the problem was. It was a router on my network sending ICMP redirects which from my research seems to be incompatible with ISA.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 18102893
Interesting as I've not come across such incompatibilities. However, thanks for letting us know.
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 18256690
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is an update and follow-up of my previous article:   Storage 101: common concepts in the IT enterprise storage This time, I expand on more frequently used storage concepts.
"Any files you do not have backed up in at least two [other] places are files you do not care about."
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question