Solved

ISA 2006 not giving out IP addresses to VPN Clients?

Posted on 2009-04-02
8
795 Views
Last Modified: 2012-05-06
Hi everyone,

All of a sudden, our ISA 2006 has stopped giving out the proper addresses.  Instead, it's giving out addresses in the 169.254.x.x range...which seems to suggest that it's lost connectivity to dhcp.  However, in the dashboard, DHCP connection shows as good.  Nothing changed that I know of, but this is becoming something of a hot issue.

Any thoughts?
0
Comment
Question by:GibsonGuitarIT
  • 4
  • 4
8 Comments
 
LVL 1

Expert Comment

by:rat3idea
ID: 24052279
Make Sure your DHCP Relay is setup on the Internal NIC of the ISA 2006 Server. If that is not it could you post the error from the event viewer?

Thanks!
0
 

Author Comment

by:GibsonGuitarIT
ID: 24052457
Unable to contact a DHCP server. The Automatic Private IP Address 169.254.86.28 will be assigned to dial-in clients. Clients may be unable to access resources on the network.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

That's all the event viewer has to say
0
 
LVL 1

Expert Comment

by:rat3idea
ID: 24052551
Resolutions:
1) If this is XP, obtain the latest service pack for Windows XP.
2) Use the Network Diagnostics tool to identify any failed settings. To do this, go to Help and Support>Use Tools to view your computer information and diagnose problems>Network Diagnostics>Scan your system. When the process finishes, check for any items marked "FAILED" in red, expand those categories, and view the additional details about what the testing showed.
3) Assign a static ip on the client and ping the DHCP server. If you can't  ping the DHCP server, check the connection and hardware.
4) If you can ping the DHCP after assigning static ip, check the DHCP settings.
5) Make sure no firewall is running on your LAN.
6) Run Repair this connection if it is XP. Or use netsh to reset TCP/IP configuration.
7) If it is win98/w2k, remove and reinstall TCP/IP.
8) Try to upgrade the new NIC driver.
9) Make sure you don't run out of IPs in the DHCP scope.
10) If you use a router as DHCP, you may want to upgrade the firmware.

quoted from "ChicagoTech.com"
0
 

Author Comment

by:GibsonGuitarIT
ID: 24052674
It's Windows Server 2003 R2, but I did check everything just to be sure...all of the above checks out.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 1

Expert Comment

by:rat3idea
ID: 24053067
Check out this article as well. http://www.isaserver.org/tutorials/2004dhcprelay.html

I know its for 2004 but it walks you through verifying DHCP Relay is enabled and some troubleshooting steps.
0
 

Author Comment

by:GibsonGuitarIT
ID: 24053781
No go, unfortunately.

This was an existing set up that has always worked properly...but at some point, for some reason...it stopped.  I ran wireshark on the DHCP server, and I can see DHCP requests coming from the ISA server...but for whatever reason, DHCP isn't replying back....though it responds to normal DHCP requests as expected.
0
 
LVL 1

Expert Comment

by:rat3idea
ID: 24058987
I am assuming at this point you tried to restart the ISA Server? Or if you cannot, at least restart the RRAS Service.
0
 

Accepted Solution

by:
GibsonGuitarIT earned 0 total points
ID: 24059084
Of course, that was the first thing I tried.  When all else fails...reboot :)

As it happens, I resolved the issue.  I'm not sure how or why, but the policy I had set up to allow DHCP\BOOTP traffic had simply "stopped working."  I created a new one, allowing dhcp from all networks to all networks, and the issue disappeared.

Thanks for the help!
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now