First, I am new in my current company. The network structure and ISA server were not configured by me. These days, I have been seeing the ISA 2004 server in my company. I found out a very strange problem which I can't understand. The topology is attached.
ISA01(computer name of the ISA server) is filled on all of our clients’ IE proxy settings. Port is 8080. With this setting, IE is able to access internet normally.
However, when I used IP address(172.25.1.1) instead of ISA01 on IE proxy settings, the problem appeared. Upon opening IE, I was always prompted to enter User name and Password. And it failed to authenticate my account even after I inputted many times. Then I switched to use ISA01. Everything went back to normal. I made the same test with different clients and different accounts. The same problem persisted.
I logged on to ISA01 to see the settings. I made some “nslookup” tests. It seems that Domain Controller cannot be found because it always uses the DNS from the ISP. I tried to change the DNS severs on “Adapter 1
” from ISP’s to 172.25.1.11, 172.25.1.12
DC can be resolved correctly;
No more authentication window prompted when using IP address on IE Proxy setting;
I can access internet normally.
I believe it was because ISA server was able to find DC to authenticate my account after I changed the DNS servers. But before I did the change, why could it authenticate user accounts by using ISA01 on the client IE proxy setting, while it did NOT work by using IP address (172.25.1.1). It is really strange. I checked the ISA Console settings and many real time logs, but I didn’t get any finding about this issue.
Computer name works, IP address not work. What is the different ?
Does anyone have any idea about this issue?