[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1031
  • Last Modified:

ISA 2006 keep asking user name/password

Hi All
I have windows 2008 domain and there is a windows 2003 R2 server Ent. member server in which isa server 2006 is installed.
My ISA2006 is not at the backend on my network, it is behind a Hardware firewall. and I have one network card in ISA server.
Even though i was created access rules for particular domain users by browsing in the active directory , but now user cannot access internet.
they are getting a login screen always and it is not authenticating even if the user supplies the correct credentials.

it was work fine before few weeks a go and now in the ISA i'm not able to see my local domain when i'm trying to add new user's in to access rule it's showing ISA server computer only in the location

I restart the ISA Server, then working fine for another some time then I shuld restrat it again?

please I need help to resolve this problem
untitled2.JPG
untitled.JPG
0
AymanOZ
Asked:
AymanOZ
  • 3
  • 3
  • 3
2 Solutions
 
als315Commented:
Try to check blocked connections in monitoring. It looks like DNS problem. Try to resolve domain controller during this lock, check access to proper DNS server.
0
 
Suliman Abu KharroubIT Consultant Commented:
Try to dis-join  and rejoin the ISA to domain.
0
 
AymanOZAuthor Commented:
Dear als315
I just Reed more in intenet ...

they ask me to add in host file

172.16.1.1           DNS1.domain.com         DNS1
172.16.1.2           DNS2.domain.com         DNS2

i will try it and come back to you

Dear Sulimanw
I try last week to
dis-join  and rejoin then reinstull ISA
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
als315Commented:
What DNS is in your network card's settings? Have you internal DNS server in ISA computer? Have you any VPN connections to this ISA server?
0
 
Suliman Abu KharroubIT Consultant Commented:
make sure that the external NIc does not point to any external DNS servers.
0
 
AymanOZAuthor Commented:
My domain local DNS IP address is
172.16.1.1
172.16.1.2
My ISP DNS is
202.93.39.4
202.93.39.5

ISA Server is only Server with ISA Software, I did not add any other serves in ISA like DNS or fileserver or anything
I don’t have VPN connected to ISA server.

I have only one NIC in ISA server
configured like this
IP:   172.16.1.4
SM:  255.255.0.0
GW: 172.16.1.254
DNS1: 172.16.1.1
DNS2: 202.93.39.4

If I remove external DNS from ISA Server, I cannot get Internet :(
If I remove Internal DNS I cannot get Username and domain :((
0
 
als315Commented:
Remove ISP's DNS from list, add your second DNS. Your internal DNSs should have forwarders to ISP's DNSs
Mask is 255.255.0.0 - you have so many computers in your network?
0
 
Suliman Abu KharroubIT Consultant Commented:
Remove the 202.x.x.x from the dns ip list in the internal adapter.

create a rule to allow dns traffic from your internal dns server to the external network. last thing add the 202.x.x..x dns into the forwarders list in your internal dns server.
0
 
AymanOZAuthor Commented:
OK ,
I Add this in DNS1,DNS2
202.x.x.x you can see the attachment
I will remove external DNS IP in NIC in ISA Server After 6:00 PM only
untitled.PNG
0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

  • 3
  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now