Cannoot Get to Internet or Email using ISA 2004

Hello,

We have an SBS 2003 server using 2 NIC cards.  One is configured to external with the IP address, SM and gateway given to us by ISP.  The DNS is left blank on this NIC.  The internal NIC is set to 10.0.1.1 SM 255.255.255.0 Gateway is blank and DNS is 10.0.1.1.   I have also checked the binding order and the internal NIC card is first. We are using ISA 2004 standard.  

I recently updated the drivers on the NICs and we have been having issues since.  clients on the network cannot access emails or get to the internet.  From the server I can ping a client IP, and a DNS address.  I am also able to get to the internet on the server.  

Can some one tell me what I need to check in ISA to get this working?  Thanks
JParra72Asked:
Who is Participating?
 
JParra72Connect With a Mentor Author Commented:
I got it working.  The external NIC had the DNS servers from the ISP listed.  I removed them and rebooted the server.
0
 
Matt DaviesCommented:
Is this intermittant or a constant problem?
0
 
JParra72Author Commented:
constant since I updated the NIC drivers.  It was intermittant right after the server rebooted it self every friday at 11pm as part of the scheduled tasks.  I would then come in an restart all associated services and everythin would be working again.  Not this time.  I updated the NIC drivers last wednesday, no connectivity since then.
0
Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

 
JParra72Author Commented:
These are the firewall policies curently set up:

Policy #1 DNS internal local host
Allow - Protocol (DNS) - from internal - to local host- condition (all users).

Policy #2 SBS Outbaound Access Rule
Allow - Protocol (All outbound Traffic) - from all protected networks
- to external - condition (all users)

Policy #3 ronrawlings.com SMTP server
Allow - Protocol (SMTP srever) - from external - to 10.0.1.1

Policy #4 Camera
Allow - protocol (www) - from External - to 10.0.1.140

Policy #5 RDP (1)
Allow - Protocol (3390) - from external - to 10.0.1.19

Policy #6 Cameras
Allow - protocol (phones) - from external - to 10.0.1.140

Policy #7 RDP
Allow - protocol (terminal services) - from external - to 10.0.1.1

Policy #8 RDP (2)
Allow - protocol (RDP 2) - from external - to 10.0.1.1

Policy # 9 SSL
Allow - protocol  (HTTPS server) - from external - to 10.0.1.1

Policy #10 SBS Protrected Networks access rule
Allow - protocol (allow outbaound traffic) - from all protected
networks - to all protected networks - condition (all users)

Policy #11 SBS Inbound Access ruke
Deny - protocol (all outbound traffic) - from external - to local host
- condition (all users)

Policy # 12 Default Rule
Deny - protocol (all traffic) - from all networks - to all networks -
condition (all users)
0
 
JParra72Author Commented:
I am also getting connection limit exceeded alerts.  They are event ID 15112 on the event log.  message is "The client 10.0.1.193 exceeded its connection limit. The new connection was rejected."
0
 
JParra72Author Commented:
Also Notice where I have highkighted in red.  is it supposed to look like that?
 image
0
 
Matt DaviesCommented:
In the first instance I would roll back the network card drivers.
0
 
JParra72Author Commented:
Tried that from the devic manager and it would not do it because there was no back up.
0
 
JParra72Author Commented:
I was able to figure on my own
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.