ISA Server - HP T1100 Printer

Hi, I have recently had a HP t1100 printer installed. it uses DHCP with a reservation set for 192.168.1.254. but since setting up the printer i have started getting the following message's in my server perfmonce logs any ideas?

Source Event ID Last Occurrence Total Occurrences
  Microsoft Firewall 14147 17/10/2008 05:44 258 *
ISA Server detected routes through the network adapter Server Local Area Connection that do not correlate with the network to which this network adapter belongs. When networks are configured correctly, the IP address ranges included in each array-level network must include all IP addresses that are routable through its network adapters according to their routing tables. Otherwise valid packets may be dropped as spoofed. The following ranges are included in the network's IP address ranges but are not routable through any of the network's adapters: 192.168.1.254-192.168.1.254;. Note that this event may be generated once after you add a route, create a remote site network, or configure Network Load Balancing and may be safely ignored if it does not re-occur.
 
mckguyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Philip ElderTechnical Architect - HA/Compute/StorageCommented:
What is your server's IP address?
Philip
0
mckguyAuthor Commented:
Hi, the server ip address is 192.168.1.1
0
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
What version of ISA and does it have the most recent service pack?
Philip
0
Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

mckguyAuthor Commented:
ISA 2004 with current service pack, i think the problem is the printer.
0
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
Run ISA's live logging to verify what is going on.

We tend to install printers in the x.1-5 IP range.

Also, we do not setup our SBS netowrks on 192.168.0-5.0/24 because many consumer routers out there use those IP ranges. If a user VPNs to the SBS network and their router happens to have the same 192.168.1.0/24 range as the SBS network, they will not be able to work.

I suggest using the Change Server IP Wizard to change the subnet to something like 192.168.20.0/24 to eliminate that risk.

But, before you do that, run the Configure E-mail and Internet Connection Wizard (SBS Console --> To Do --> Connect to the Internet) to verify that all of your settings are correct.

Philip
0
mckguyAuthor Commented:
hi, you will have to be patient with me as i am a beginner.
 
I have my server set up on 192.168.1.1 with the second nic with my external ip 86.53.45.194.
 
My pc's are set up on 192.168.1.35 and i make a reservation for my network printers and these are on 192.168.1.249 - 192.168.1.254.

I have attached some info out of the isa logging - copier2.mckpartnership.local 192.168.1.254:0 - was a large format printer that was replaced by the HP T1100)

Denied Connection DAFFYD 19/10/2008 10:49:22
Log type: Firewall service
Status: A packet was dropped because its destination IP address is unreachable.
Rule:  
Source: Local Host ( 86.53.45.194:8)
Destination: Internal (copier2.mckpartnership.local 192.168.1.254:0)
Protocol: Ping
User:  
 Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 86.53.45.194
Client agent:
 
Denied Connection DAFFYD 19/10/2008 10:49:22
Log type: Firewall service
Status: A packet generated on the local host was rejected because its source IP address is assigned to one network adapter and its destination IP address is reachable through another network adapter.
Rule:  
Source: Local Host ( 192.168.1.1:11507)
Destination: Internal (copier2.mckpartnership.local 192.168.1.254:427)
Protocol: Unidentified IP Traffic (UDP:427)
User:  
 Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 192.168.1.1
Client agent
0
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
Your printer is trying to communicate with the external IP?

Make sure that your NICs are configured as follows:
Internal NIC 1:
  192.168.1.1 IP
  255.255.255.0 Subnet
  -.-.-.- blank gateway.

DNS1: 192.168.1.1
DNS2: blank.

Internet NIC 2 (provided by ISP):
  86.53.45.194 IP
  255.255.255.xxx Subnet
  86.53.45.xxx Gatway

DNS1: 192.168.1.1
DNS2: blank.
Disable WINS and NetBIOS lookips on NIC2 under advanced properties. Make sure the "Register this connection in DNS" is UNCHECKED on the DNS tab for the NIC.

The printer and any system on the network should never know the external IP address of your NIC2.

Open DNS Manager and makes ure the 86.x.x.x IP is NOT in your DNS. Delete the record after completing the above steps if it is there.

Philip
0
mckguyAuthor Commented:
Hi Philip.

I have had a look at my NICs and confirm they are configuerd exactly how you have mention. I looked in the DNS and 86.x.x.x is not in there. But there was a entry for copier2@mckpartnership.local - 192.168.1.254 i deleted this since it was a reference to the old printer.

I have been running isa live logging and looks ok.? I will leave it logging and report back to you later

Many thanks Guy
0
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
No worries.
The next step will be to run the Configure E-mail and Internet Connection Wizard (SBS Console --> To Do --> Connect to the Internet).
No need to change the firewall settings and leave the certificate alone. Once the wizard is finished, verify that the error does not come back.
If the workstations are picking the printer up by a share on the server, record the share settings, delete it, then move the printer to 192.168.1.5 or therabouts using a reservation.
Use the Printer wizard in the SBS Console to add the printer back and create a Standard TCP/IP port to the new IP. See if the error follows the printer.
Make sure to disable any superfluous protocols on the printer: IPX, AppleTalk, etc. Leave TCP/IP as the only selection.
Philip
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mckguyAuthor Commented:
Thanks for not getting back to you sooner many thanks Guy Houghton
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Printers and Scanners

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.