We help IT Professionals succeed at work.

ISA 2006 keep asking user name/password

Hi All
I have windows 2008 domain and there is a windows 2003 R2 server Ent. member server in which isa server 2006 is installed.
My ISA2006 is not at the backend on my network, it is behind a Hardware firewall. and I have one network card in ISA server.
Even though i was created access rules for particular domain users by browsing in the active directory , but now user cannot access internet.
they are getting a login screen always and it is not authenticating even if the user supplies the correct credentials.

it was work fine before few weeks a go and now in the ISA i'm not able to see my local domain when i'm trying to add new user's in to access rule it's showing ISA server computer only in the location

I restart the ISA Server, then working fine for another some time then I shuld restrat it again?

please I need help to resolve this problem
untitled2.JPG
untitled.JPG
Comment
Watch Question

CERTIFIED EXPERT

Commented:
Try to check blocked connections in monitoring. It looks like DNS problem. Try to resolve domain controller during this lock, check access to proper DNS server.
Suliman Abu KharroubIT Consultant
CERTIFIED EXPERT

Commented:
Try to dis-join  and rejoin the ISA to domain.

Author

Commented:
Dear als315
I just Reed more in intenet ...

they ask me to add in host file

172.16.1.1           DNS1.domain.com         DNS1
172.16.1.2           DNS2.domain.com         DNS2

i will try it and come back to you

Dear Sulimanw
I try last week to
dis-join  and rejoin then reinstull ISA
CERTIFIED EXPERT

Commented:
What DNS is in your network card's settings? Have you internal DNS server in ISA computer? Have you any VPN connections to this ISA server?
Suliman Abu KharroubIT Consultant
CERTIFIED EXPERT

Commented:
make sure that the external NIc does not point to any external DNS servers.

Author

Commented:
My domain local DNS IP address is
172.16.1.1
172.16.1.2
My ISP DNS is
202.93.39.4
202.93.39.5

ISA Server is only Server with ISA Software, I did not add any other serves in ISA like DNS or fileserver or anything
I don’t have VPN connected to ISA server.

I have only one NIC in ISA server
configured like this
IP:   172.16.1.4
SM:  255.255.0.0
GW: 172.16.1.254
DNS1: 172.16.1.1
DNS2: 202.93.39.4

If I remove external DNS from ISA Server, I cannot get Internet :(
If I remove Internal DNS I cannot get Username and domain :((
CERTIFIED EXPERT
Commented:
Remove ISP's DNS from list, add your second DNS. Your internal DNSs should have forwarders to ISP's DNSs
Mask is 255.255.0.0 - you have so many computers in your network?
IT Consultant
CERTIFIED EXPERT
Commented:
Remove the 202.x.x.x from the dns ip list in the internal adapter.

create a rule to allow dns traffic from your internal dns server to the external network. last thing add the 202.x.x..x dns into the forwarders list in your internal dns server.

Author

Commented:
OK ,
I Add this in DNS1,DNS2
202.x.x.x you can see the attachment
I will remove external DNS IP in NIC in ISA Server After 6:00 PM only
untitled.PNG

Explore More ContentExplore courses, solutions, and other research materials related to this topic.