Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

ISA Server - HP T1100 Printer

Posted on 2008-10-18
10
Medium Priority
?
828 Views
Last Modified: 2013-12-15
Hi, I have recently had a HP t1100 printer installed. it uses DHCP with a reservation set for 192.168.1.254. but since setting up the printer i have started getting the following message's in my server perfmonce logs any ideas?

Source Event ID Last Occurrence Total Occurrences
  Microsoft Firewall 14147 17/10/2008 05:44 258 *
ISA Server detected routes through the network adapter Server Local Area Connection that do not correlate with the network to which this network adapter belongs. When networks are configured correctly, the IP address ranges included in each array-level network must include all IP addresses that are routable through its network adapters according to their routing tables. Otherwise valid packets may be dropped as spoofed. The following ranges are included in the network's IP address ranges but are not routable through any of the network's adapters: 192.168.1.254-192.168.1.254;. Note that this event may be generated once after you add a route, create a remote site network, or configure Network Load Balancing and may be safely ignored if it does not re-occur.
 
0
Comment
Question by:mckguy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
10 Comments
 
LVL 39

Expert Comment

by:Philip Elder
ID: 22750552
What is your server's IP address?
Philip
0
 

Author Comment

by:mckguy
ID: 22751165
Hi, the server ip address is 192.168.1.1
0
 
LVL 39

Expert Comment

by:Philip Elder
ID: 22751295
What version of ISA and does it have the most recent service pack?
Philip
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 

Author Comment

by:mckguy
ID: 22751312
ISA 2004 with current service pack, i think the problem is the printer.
0
 
LVL 39

Expert Comment

by:Philip Elder
ID: 22751324
Run ISA's live logging to verify what is going on.

We tend to install printers in the x.1-5 IP range.

Also, we do not setup our SBS netowrks on 192.168.0-5.0/24 because many consumer routers out there use those IP ranges. If a user VPNs to the SBS network and their router happens to have the same 192.168.1.0/24 range as the SBS network, they will not be able to work.

I suggest using the Change Server IP Wizard to change the subnet to something like 192.168.20.0/24 to eliminate that risk.

But, before you do that, run the Configure E-mail and Internet Connection Wizard (SBS Console --> To Do --> Connect to the Internet) to verify that all of your settings are correct.

Philip
0
 

Author Comment

by:mckguy
ID: 22751498
hi, you will have to be patient with me as i am a beginner.
 
I have my server set up on 192.168.1.1 with the second nic with my external ip 86.53.45.194.
 
My pc's are set up on 192.168.1.35 and i make a reservation for my network printers and these are on 192.168.1.249 - 192.168.1.254.

I have attached some info out of the isa logging - copier2.mckpartnership.local 192.168.1.254:0 - was a large format printer that was replaced by the HP T1100)

Denied Connection DAFFYD 19/10/2008 10:49:22
Log type: Firewall service
Status: A packet was dropped because its destination IP address is unreachable.
Rule:  
Source: Local Host ( 86.53.45.194:8)
Destination: Internal (copier2.mckpartnership.local 192.168.1.254:0)
Protocol: Ping
User:  
 Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 86.53.45.194
Client agent:
 
Denied Connection DAFFYD 19/10/2008 10:49:22
Log type: Firewall service
Status: A packet generated on the local host was rejected because its source IP address is assigned to one network adapter and its destination IP address is reachable through another network adapter.
Rule:  
Source: Local Host ( 192.168.1.1:11507)
Destination: Internal (copier2.mckpartnership.local 192.168.1.254:427)
Protocol: Unidentified IP Traffic (UDP:427)
User:  
 Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 192.168.1.1
Client agent
0
 
LVL 39

Expert Comment

by:Philip Elder
ID: 22753757
Your printer is trying to communicate with the external IP?

Make sure that your NICs are configured as follows:
Internal NIC 1:
  192.168.1.1 IP
  255.255.255.0 Subnet
  -.-.-.- blank gateway.

DNS1: 192.168.1.1
DNS2: blank.

Internet NIC 2 (provided by ISP):
  86.53.45.194 IP
  255.255.255.xxx Subnet
  86.53.45.xxx Gatway

DNS1: 192.168.1.1
DNS2: blank.
Disable WINS and NetBIOS lookips on NIC2 under advanced properties. Make sure the "Register this connection in DNS" is UNCHECKED on the DNS tab for the NIC.

The printer and any system on the network should never know the external IP address of your NIC2.

Open DNS Manager and makes ure the 86.x.x.x IP is NOT in your DNS. Delete the record after completing the above steps if it is there.

Philip
0
 

Author Comment

by:mckguy
ID: 22757581
Hi Philip.

I have had a look at my NICs and confirm they are configuerd exactly how you have mention. I looked in the DNS and 86.x.x.x is not in there. But there was a entry for copier2@mckpartnership.local - 192.168.1.254 i deleted this since it was a reference to the old printer.

I have been running isa live logging and looks ok.? I will leave it logging and report back to you later

Many thanks Guy
0
 
LVL 39

Accepted Solution

by:
Philip Elder earned 2000 total points
ID: 22759159
No worries.
The next step will be to run the Configure E-mail and Internet Connection Wizard (SBS Console --> To Do --> Connect to the Internet).
No need to change the firewall settings and leave the certificate alone. Once the wizard is finished, verify that the error does not come back.
If the workstations are picking the printer up by a share on the server, record the share settings, delete it, then move the printer to 192.168.1.5 or therabouts using a reservation.
Use the Printer wizard in the SBS Console to add the printer back and create a Standard TCP/IP port to the new IP. See if the error follows the printer.
Make sure to disable any superfluous protocols on the printer: IPX, AppleTalk, etc. Leave TCP/IP as the only selection.
Philip
0
 

Author Closing Comment

by:mckguy
ID: 31507401
Thanks for not getting back to you sooner many thanks Guy Houghton
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Small Business Server 2011. NOTE: This guide has been written using the preview version of SBS2011 therefore some of the screens may …
When I recently replaced my image transfer kit on my office HP color laserjet 5550dn printer, I had a slight problem.  The left bracket that holds the transfer kit got stuck in the upright locked position instead of being at a 45 degree angle facing…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question