Solved

ISA 2006 keep asking user name/password

Posted on 2012-03-10
9
1,008 Views
Last Modified: 2012-04-14
Hi All
I have windows 2008 domain and there is a windows 2003 R2 server Ent. member server in which isa server 2006 is installed.
My ISA2006 is not at the backend on my network, it is behind a Hardware firewall. and I have one network card in ISA server.
Even though i was created access rules for particular domain users by browsing in the active directory , but now user cannot access internet.
they are getting a login screen always and it is not authenticating even if the user supplies the correct credentials.

it was work fine before few weeks a go and now in the ISA i'm not able to see my local domain when i'm trying to add new user's in to access rule it's showing ISA server computer only in the location

I restart the ISA Server, then working fine for another some time then I shuld restrat it again?

please I need help to resolve this problem
untitled2.JPG
untitled.JPG
0
Comment
Question by:AymanOZ
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 3
9 Comments
 
LVL 40

Expert Comment

by:als315
ID: 37706170
Try to check blocked connections in monitoring. It looks like DNS problem. Try to resolve domain controller during this lock, check access to proper DNS server.
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 37706246
Try to dis-join  and rejoin the ISA to domain.
0
 

Author Comment

by:AymanOZ
ID: 37706427
Dear als315
I just Reed more in intenet ...

they ask me to add in host file

172.16.1.1           DNS1.domain.com         DNS1
172.16.1.2           DNS2.domain.com         DNS2

i will try it and come back to you

Dear Sulimanw
I try last week to
dis-join  and rejoin then reinstull ISA
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 40

Expert Comment

by:als315
ID: 37706603
What DNS is in your network card's settings? Have you internal DNS server in ISA computer? Have you any VPN connections to this ISA server?
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 37706629
make sure that the external NIc does not point to any external DNS servers.
0
 

Author Comment

by:AymanOZ
ID: 37706704
My domain local DNS IP address is
172.16.1.1
172.16.1.2
My ISP DNS is
202.93.39.4
202.93.39.5

ISA Server is only Server with ISA Software, I did not add any other serves in ISA like DNS or fileserver or anything
I don’t have VPN connected to ISA server.

I have only one NIC in ISA server
configured like this
IP:   172.16.1.4
SM:  255.255.0.0
GW: 172.16.1.254
DNS1: 172.16.1.1
DNS2: 202.93.39.4

If I remove external DNS from ISA Server, I cannot get Internet :(
If I remove Internal DNS I cannot get Username and domain :((
0
 
LVL 40

Assisted Solution

by:als315
als315 earned 250 total points
ID: 37706740
Remove ISP's DNS from list, add your second DNS. Your internal DNSs should have forwarders to ISP's DNSs
Mask is 255.255.0.0 - you have so many computers in your network?
0
 
LVL 23

Accepted Solution

by:
Suliman Abu Kharroub earned 250 total points
ID: 37706747
Remove the 202.x.x.x from the dns ip list in the internal adapter.

create a rule to allow dns traffic from your internal dns server to the external network. last thing add the 202.x.x..x dns into the forwarders list in your internal dns server.
0
 

Author Comment

by:AymanOZ
ID: 37708918
OK ,
I Add this in DNS1,DNS2
202.x.x.x you can see the attachment
I will remove external DNS IP in NIC in ISA Server After 6:00 PM only
untitled.PNG
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question