Solved

ISA Server - HP T1100 Printer

Posted on 2008-10-18
10
822 Views
Last Modified: 2013-12-15
Hi, I have recently had a HP t1100 printer installed. it uses DHCP with a reservation set for 192.168.1.254. but since setting up the printer i have started getting the following message's in my server perfmonce logs any ideas?

Source Event ID Last Occurrence Total Occurrences
  Microsoft Firewall 14147 17/10/2008 05:44 258 *
ISA Server detected routes through the network adapter Server Local Area Connection that do not correlate with the network to which this network adapter belongs. When networks are configured correctly, the IP address ranges included in each array-level network must include all IP addresses that are routable through its network adapters according to their routing tables. Otherwise valid packets may be dropped as spoofed. The following ranges are included in the network's IP address ranges but are not routable through any of the network's adapters: 192.168.1.254-192.168.1.254;. Note that this event may be generated once after you add a route, create a remote site network, or configure Network Load Balancing and may be safely ignored if it does not re-occur.
 
0
Comment
Question by:mckguy
  • 5
  • 5
10 Comments
 
LVL 38

Expert Comment

by:Philip Elder
ID: 22750552
What is your server's IP address?
Philip
0
 

Author Comment

by:mckguy
ID: 22751165
Hi, the server ip address is 192.168.1.1
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 22751295
What version of ISA and does it have the most recent service pack?
Philip
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:mckguy
ID: 22751312
ISA 2004 with current service pack, i think the problem is the printer.
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 22751324
Run ISA's live logging to verify what is going on.

We tend to install printers in the x.1-5 IP range.

Also, we do not setup our SBS netowrks on 192.168.0-5.0/24 because many consumer routers out there use those IP ranges. If a user VPNs to the SBS network and their router happens to have the same 192.168.1.0/24 range as the SBS network, they will not be able to work.

I suggest using the Change Server IP Wizard to change the subnet to something like 192.168.20.0/24 to eliminate that risk.

But, before you do that, run the Configure E-mail and Internet Connection Wizard (SBS Console --> To Do --> Connect to the Internet) to verify that all of your settings are correct.

Philip
0
 

Author Comment

by:mckguy
ID: 22751498
hi, you will have to be patient with me as i am a beginner.
 
I have my server set up on 192.168.1.1 with the second nic with my external ip 86.53.45.194.
 
My pc's are set up on 192.168.1.35 and i make a reservation for my network printers and these are on 192.168.1.249 - 192.168.1.254.

I have attached some info out of the isa logging - copier2.mckpartnership.local 192.168.1.254:0 - was a large format printer that was replaced by the HP T1100)

Denied Connection DAFFYD 19/10/2008 10:49:22
Log type: Firewall service
Status: A packet was dropped because its destination IP address is unreachable.
Rule:  
Source: Local Host ( 86.53.45.194:8)
Destination: Internal (copier2.mckpartnership.local 192.168.1.254:0)
Protocol: Ping
User:  
 Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 86.53.45.194
Client agent:
 
Denied Connection DAFFYD 19/10/2008 10:49:22
Log type: Firewall service
Status: A packet generated on the local host was rejected because its source IP address is assigned to one network adapter and its destination IP address is reachable through another network adapter.
Rule:  
Source: Local Host ( 192.168.1.1:11507)
Destination: Internal (copier2.mckpartnership.local 192.168.1.254:427)
Protocol: Unidentified IP Traffic (UDP:427)
User:  
 Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 192.168.1.1
Client agent
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 22753757
Your printer is trying to communicate with the external IP?

Make sure that your NICs are configured as follows:
Internal NIC 1:
  192.168.1.1 IP
  255.255.255.0 Subnet
  -.-.-.- blank gateway.

DNS1: 192.168.1.1
DNS2: blank.

Internet NIC 2 (provided by ISP):
  86.53.45.194 IP
  255.255.255.xxx Subnet
  86.53.45.xxx Gatway

DNS1: 192.168.1.1
DNS2: blank.
Disable WINS and NetBIOS lookips on NIC2 under advanced properties. Make sure the "Register this connection in DNS" is UNCHECKED on the DNS tab for the NIC.

The printer and any system on the network should never know the external IP address of your NIC2.

Open DNS Manager and makes ure the 86.x.x.x IP is NOT in your DNS. Delete the record after completing the above steps if it is there.

Philip
0
 

Author Comment

by:mckguy
ID: 22757581
Hi Philip.

I have had a look at my NICs and confirm they are configuerd exactly how you have mention. I looked in the DNS and 86.x.x.x is not in there. But there was a entry for copier2@mckpartnership.local - 192.168.1.254 i deleted this since it was a reference to the old printer.

I have been running isa live logging and looks ok.? I will leave it logging and report back to you later

Many thanks Guy
0
 
LVL 38

Accepted Solution

by:
Philip Elder earned 500 total points
ID: 22759159
No worries.
The next step will be to run the Configure E-mail and Internet Connection Wizard (SBS Console --> To Do --> Connect to the Internet).
No need to change the firewall settings and leave the certificate alone. Once the wizard is finished, verify that the error does not come back.
If the workstations are picking the printer up by a share on the server, record the share settings, delete it, then move the printer to 192.168.1.5 or therabouts using a reservation.
Use the Printer wizard in the SBS Console to add the printer back and create a Standard TCP/IP port to the new IP. See if the error follows the printer.
Make sure to disable any superfluous protocols on the printer: IPX, AppleTalk, etc. Leave TCP/IP as the only selection.
Philip
0
 

Author Closing Comment

by:mckguy
ID: 31507401
Thanks for not getting back to you sooner many thanks Guy Houghton
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question