Solved

Cannoot Get to Internet or Email using ISA 2004

Posted on 2010-11-27
9
451 Views
Last Modified: 2012-05-10
Hello,

We have an SBS 2003 server using 2 NIC cards.  One is configured to external with the IP address, SM and gateway given to us by ISP.  The DNS is left blank on this NIC.  The internal NIC is set to 10.0.1.1 SM 255.255.255.0 Gateway is blank and DNS is 10.0.1.1.   I have also checked the binding order and the internal NIC card is first. We are using ISA 2004 standard.  

I recently updated the drivers on the NICs and we have been having issues since.  clients on the network cannot access emails or get to the internet.  From the server I can ping a client IP, and a DNS address.  I am also able to get to the internet on the server.  

Can some one tell me what I need to check in ISA to get this working?  Thanks
0
Comment
Question by:JParra72
  • 7
  • 2
9 Comments
 
LVL 5

Expert Comment

by:Matt Davies
Comment Utility
Is this intermittant or a constant problem?
0
 

Author Comment

by:JParra72
Comment Utility
constant since I updated the NIC drivers.  It was intermittant right after the server rebooted it self every friday at 11pm as part of the scheduled tasks.  I would then come in an restart all associated services and everythin would be working again.  Not this time.  I updated the NIC drivers last wednesday, no connectivity since then.
0
 

Author Comment

by:JParra72
Comment Utility
These are the firewall policies curently set up:

Policy #1 DNS internal local host
Allow - Protocol (DNS) - from internal - to local host- condition (all users).

Policy #2 SBS Outbaound Access Rule
Allow - Protocol (All outbound Traffic) - from all protected networks
- to external - condition (all users)

Policy #3 ronrawlings.com SMTP server
Allow - Protocol (SMTP srever) - from external - to 10.0.1.1

Policy #4 Camera
Allow - protocol (www) - from External - to 10.0.1.140

Policy #5 RDP (1)
Allow - Protocol (3390) - from external - to 10.0.1.19

Policy #6 Cameras
Allow - protocol (phones) - from external - to 10.0.1.140

Policy #7 RDP
Allow - protocol (terminal services) - from external - to 10.0.1.1

Policy #8 RDP (2)
Allow - protocol (RDP 2) - from external - to 10.0.1.1

Policy # 9 SSL
Allow - protocol  (HTTPS server) - from external - to 10.0.1.1

Policy #10 SBS Protrected Networks access rule
Allow - protocol (allow outbaound traffic) - from all protected
networks - to all protected networks - condition (all users)

Policy #11 SBS Inbound Access ruke
Deny - protocol (all outbound traffic) - from external - to local host
- condition (all users)

Policy # 12 Default Rule
Deny - protocol (all traffic) - from all networks - to all networks -
condition (all users)
0
 

Author Comment

by:JParra72
Comment Utility
I am also getting connection limit exceeded alerts.  They are event ID 15112 on the event log.  message is "The client 10.0.1.193 exceeded its connection limit. The new connection was rejected."
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:JParra72
Comment Utility
Also Notice where I have highkighted in red.  is it supposed to look like that?
 image
0
 
LVL 5

Expert Comment

by:Matt Davies
Comment Utility
In the first instance I would roll back the network card drivers.
0
 

Author Comment

by:JParra72
Comment Utility
Tried that from the devic manager and it would not do it because there was no back up.
0
 

Accepted Solution

by:
JParra72 earned 0 total points
Comment Utility
I got it working.  The external NIC had the DNS servers from the ISP listed.  I removed them and rebooted the server.
0
 

Author Closing Comment

by:JParra72
Comment Utility
I was able to figure on my own
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now