[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Cannoot Get to Internet or Email using ISA 2004

Posted on 2010-11-27
9
Medium Priority
?
457 Views
Last Modified: 2012-05-10
Hello,

We have an SBS 2003 server using 2 NIC cards.  One is configured to external with the IP address, SM and gateway given to us by ISP.  The DNS is left blank on this NIC.  The internal NIC is set to 10.0.1.1 SM 255.255.255.0 Gateway is blank and DNS is 10.0.1.1.   I have also checked the binding order and the internal NIC card is first. We are using ISA 2004 standard.  

I recently updated the drivers on the NICs and we have been having issues since.  clients on the network cannot access emails or get to the internet.  From the server I can ping a client IP, and a DNS address.  I am also able to get to the internet on the server.  

Can some one tell me what I need to check in ISA to get this working?  Thanks
0
Comment
Question by:JParra72
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 2
9 Comments
 
LVL 5

Expert Comment

by:Matt Davies
ID: 34222283
Is this intermittant or a constant problem?
0
 

Author Comment

by:JParra72
ID: 34222301
constant since I updated the NIC drivers.  It was intermittant right after the server rebooted it self every friday at 11pm as part of the scheduled tasks.  I would then come in an restart all associated services and everythin would be working again.  Not this time.  I updated the NIC drivers last wednesday, no connectivity since then.
0
 

Author Comment

by:JParra72
ID: 34222313
These are the firewall policies curently set up:

Policy #1 DNS internal local host
Allow - Protocol (DNS) - from internal - to local host- condition (all users).

Policy #2 SBS Outbaound Access Rule
Allow - Protocol (All outbound Traffic) - from all protected networks
- to external - condition (all users)

Policy #3 ronrawlings.com SMTP server
Allow - Protocol (SMTP srever) - from external - to 10.0.1.1

Policy #4 Camera
Allow - protocol (www) - from External - to 10.0.1.140

Policy #5 RDP (1)
Allow - Protocol (3390) - from external - to 10.0.1.19

Policy #6 Cameras
Allow - protocol (phones) - from external - to 10.0.1.140

Policy #7 RDP
Allow - protocol (terminal services) - from external - to 10.0.1.1

Policy #8 RDP (2)
Allow - protocol (RDP 2) - from external - to 10.0.1.1

Policy # 9 SSL
Allow - protocol  (HTTPS server) - from external - to 10.0.1.1

Policy #10 SBS Protrected Networks access rule
Allow - protocol (allow outbaound traffic) - from all protected
networks - to all protected networks - condition (all users)

Policy #11 SBS Inbound Access ruke
Deny - protocol (all outbound traffic) - from external - to local host
- condition (all users)

Policy # 12 Default Rule
Deny - protocol (all traffic) - from all networks - to all networks -
condition (all users)
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 

Author Comment

by:JParra72
ID: 34222346
I am also getting connection limit exceeded alerts.  They are event ID 15112 on the event log.  message is "The client 10.0.1.193 exceeded its connection limit. The new connection was rejected."
0
 

Author Comment

by:JParra72
ID: 34222398
Also Notice where I have highkighted in red.  is it supposed to look like that?
 image
0
 
LVL 5

Expert Comment

by:Matt Davies
ID: 34222456
In the first instance I would roll back the network card drivers.
0
 

Author Comment

by:JParra72
ID: 34222484
Tried that from the devic manager and it would not do it because there was no back up.
0
 

Accepted Solution

by:
JParra72 earned 0 total points
ID: 34227868
I got it working.  The external NIC had the DNS servers from the ISP listed.  I removed them and rebooted the server.
0
 

Author Closing Comment

by:JParra72
ID: 34265392
I was able to figure on my own
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question