mckguy
asked on
ISA Server - HP T1100 Printer
Hi, I have recently had a HP t1100 printer installed. it uses DHCP with a reservation set for 192.168.1.254. but since setting up the printer i have started getting the following message's in my server perfmonce logs any ideas?
Source Event ID Last Occurrence Total Occurrences
Microsoft Firewall 14147 17/10/2008 05:44 258 *
ISA Server detected routes through the network adapter Server Local Area Connection that do not correlate with the network to which this network adapter belongs. When networks are configured correctly, the IP address ranges included in each array-level network must include all IP addresses that are routable through its network adapters according to their routing tables. Otherwise valid packets may be dropped as spoofed. The following ranges are included in the network's IP address ranges but are not routable through any of the network's adapters: 192.168.1.254-192.168.1.25
Source Event ID Last Occurrence Total Occurrences
Microsoft Firewall 14147 17/10/2008 05:44 258 *
ISA Server detected routes through the network adapter Server Local Area Connection that do not correlate with the network to which this network adapter belongs. When networks are configured correctly, the IP address ranges included in each array-level network must include all IP addresses that are routable through its network adapters according to their routing tables. Otherwise valid packets may be dropped as spoofed. The following ranges are included in the network's IP address ranges but are not routable through any of the network's adapters: 192.168.1.254-192.168.1.25
ASKER
Hi, the server ip address is 192.168.1.1
What version of ISA and does it have the most recent service pack?
Philip
Philip
ASKER
ISA 2004 with current service pack, i think the problem is the printer.
Run ISA's live logging to verify what is going on.
We tend to install printers in the x.1-5 IP range.
Also, we do not setup our SBS netowrks on 192.168.0-5.0/24 because many consumer routers out there use those IP ranges. If a user VPNs to the SBS network and their router happens to have the same 192.168.1.0/24 range as the SBS network, they will not be able to work.
I suggest using the Change Server IP Wizard to change the subnet to something like 192.168.20.0/24 to eliminate that risk.
But, before you do that, run the Configure E-mail and Internet Connection Wizard (SBS Console --> To Do --> Connect to the Internet) to verify that all of your settings are correct.
Philip
We tend to install printers in the x.1-5 IP range.
Also, we do not setup our SBS netowrks on 192.168.0-5.0/24 because many consumer routers out there use those IP ranges. If a user VPNs to the SBS network and their router happens to have the same 192.168.1.0/24 range as the SBS network, they will not be able to work.
I suggest using the Change Server IP Wizard to change the subnet to something like 192.168.20.0/24 to eliminate that risk.
But, before you do that, run the Configure E-mail and Internet Connection Wizard (SBS Console --> To Do --> Connect to the Internet) to verify that all of your settings are correct.
Philip
ASKER
hi, you will have to be patient with me as i am a beginner.
I have my server set up on 192.168.1.1 with the second nic with my external ip 86.53.45.194.
My pc's are set up on 192.168.1.35 and i make a reservation for my network printers and these are on 192.168.1.249 - 192.168.1.254.
I have attached some info out of the isa logging - copier2.mckpartnership.loc
Denied Connection DAFFYD 19/10/2008 10:49:22
Log type: Firewall service
Status: A packet was dropped because its destination IP address is unreachable.
Rule:
Source: Local Host ( 86.53.45.194:8)
Destination: Internal (copier2.mckpartnership.lo
Protocol: Ping
User:
Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 86.53.45.194
Client agent:
Denied Connection DAFFYD 19/10/2008 10:49:22
Log type: Firewall service
Status: A packet generated on the local host was rejected because its source IP address is assigned to one network adapter and its destination IP address is reachable through another network adapter.
Rule:
Source: Local Host ( 192.168.1.1:11507)
Destination: Internal (copier2.mckpartnership.lo
Protocol: Unidentified IP Traffic (UDP:427)
User:
Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 192.168.1.1
Client agent
I have my server set up on 192.168.1.1 with the second nic with my external ip 86.53.45.194.
My pc's are set up on 192.168.1.35 and i make a reservation for my network printers and these are on 192.168.1.249 - 192.168.1.254.
I have attached some info out of the isa logging - copier2.mckpartnership.loc
Denied Connection DAFFYD 19/10/2008 10:49:22
Log type: Firewall service
Status: A packet was dropped because its destination IP address is unreachable.
Rule:
Source: Local Host ( 86.53.45.194:8)
Destination: Internal (copier2.mckpartnership.lo
Protocol: Ping
User:
Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 86.53.45.194
Client agent:
Denied Connection DAFFYD 19/10/2008 10:49:22
Log type: Firewall service
Status: A packet generated on the local host was rejected because its source IP address is assigned to one network adapter and its destination IP address is reachable through another network adapter.
Rule:
Source: Local Host ( 192.168.1.1:11507)
Destination: Internal (copier2.mckpartnership.lo
Protocol: Unidentified IP Traffic (UDP:427)
User:
Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 192.168.1.1
Client agent
Your printer is trying to communicate with the external IP?
Make sure that your NICs are configured as follows:
Internal NIC 1:
192.168.1.1 IP
255.255.255.0 Subnet
-.-.-.- blank gateway.
DNS1: 192.168.1.1
DNS2: blank.
Internet NIC 2 (provided by ISP):
86.53.45.194 IP
255.255.255.xxx Subnet
86.53.45.xxx Gatway
DNS1: 192.168.1.1
DNS2: blank.
Disable WINS and NetBIOS lookips on NIC2 under advanced properties. Make sure the "Register this connection in DNS" is UNCHECKED on the DNS tab for the NIC.
The printer and any system on the network should never know the external IP address of your NIC2.
Open DNS Manager and makes ure the 86.x.x.x IP is NOT in your DNS. Delete the record after completing the above steps if it is there.
Philip
Make sure that your NICs are configured as follows:
Internal NIC 1:
192.168.1.1 IP
255.255.255.0 Subnet
-.-.-.- blank gateway.
DNS1: 192.168.1.1
DNS2: blank.
Internet NIC 2 (provided by ISP):
86.53.45.194 IP
255.255.255.xxx Subnet
86.53.45.xxx Gatway
DNS1: 192.168.1.1
DNS2: blank.
Disable WINS and NetBIOS lookips on NIC2 under advanced properties. Make sure the "Register this connection in DNS" is UNCHECKED on the DNS tab for the NIC.
The printer and any system on the network should never know the external IP address of your NIC2.
Open DNS Manager and makes ure the 86.x.x.x IP is NOT in your DNS. Delete the record after completing the above steps if it is there.
Philip
ASKER
Hi Philip.
I have had a look at my NICs and confirm they are configuerd exactly how you have mention. I looked in the DNS and 86.x.x.x is not in there. But there was a entry for copier2@mckpartnership.loc
I have been running isa live logging and looks ok.? I will leave it logging and report back to you later
Many thanks Guy
I have had a look at my NICs and confirm they are configuerd exactly how you have mention. I looked in the DNS and 86.x.x.x is not in there. But there was a entry for copier2@mckpartnership.loc
I have been running isa live logging and looks ok.? I will leave it logging and report back to you later
Many thanks Guy
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for not getting back to you sooner many thanks Guy Houghton
Philip