Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


isa server 2004 problems resolving dns names

Posted on 2012-08-14
Medium Priority
Last Modified: 2012-08-27
Im using a isa server 2006 running on w2k3 .
The company has purchased a new server, and I have to reinstall the operating system but with ISA 2004.
 Install and configure the ISA 2004 and I started to try from a client.
 http proxy works ok, but i cant use telnet
 Detected that this is because it is not resolving the name.
 If I write telnet "ip" 80 works perfect.
 From the workstation I can connect fine with telnet ip,
Dns servers are not resolving external dns names .
Is not a dns problem because if i change the isa , the resolution works fine again
isa 2006 is disconected .
Two servers has the same ip
if i disconnet isa2k4 and connect isa2k6 everithing works ok
From the isa server 2004 (localhost) everything works ok . I can resolve internet adresses
Question by:hernanv70
LVL 33

Expert Comment

ID: 38294522
Which servers are your DNS pointing to as forwarders? is it your ISA box OR external DNS Servers?

Also, verify if ISA is running DNS in cache mode?

Verify the DNS Settings on NIC of ISA 2006 box.

LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38294629
For any connection to be able to connect to any server using Internet address it needs to be published ...... now you need to understand how external servers access ISA2006 and get that same information populated on ISA2004.

Hope all services are running on ISA and only one NIC ?
DNS Settings on NIC

- Rancy
LVL 29

Accepted Solution

pwindell earned 1500 total points
ID: 38297919
The very first Rule on any ISA/TMG installation,....right at the top of the Rule List,....must be an Rule that allow anonymnous outbound DNS Queries from the DCs to their Forwarders (or to the Internet in general if using Root Hints).

The Rule must be:
1. Anonymous (All Users)
2. Preferably at the top #1 position on the list
3. Must use the normal DNS Protocol (not "DNS Server")

1. Never use the ISA/TMG as a DNSServer
2. Never run ISA/TMG as any form of DNS cache server
3. ISA/TMG should be totally devoid of any type of DNS "duties".

This is no,...and should not be any Publishing
Nothing from outside should be involved in this in an "inbound" manner.

A one nic ISA/TMG is a waste of time and money.  It becomes reduced to nothing but a "Web Caching Proxy" and can only process HTTP, HTTPS, and FTP-Over-HTTP,...and it is capable of only "web publishing" for inbound,... but with not much real measurable benefit for doing so.

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question