Solved

ISA Server 2006 Migration

Posted on 2013-05-31
5
634 Views
Last Modified: 2013-06-10
Hi all,

I'm hoping someone can give some insight into this issue I have been having.
I have migrated our Internal ISA Server 2006 Server to Hyper-V on a new server.

What's been done so far:


1) Export the ISA config from old server
 2 Install Windows OS and ISA Server 2006
 3) Disconnect old ISA Server from network
 4) Give new ISA Server the old ISA Server IP address
 5) Import the ISA configuration from old server to new
 6) Check configuration
 7) Import Exchange RPC Certificates
 8) Check ISA Logs make sure all is clear.

After all of the above I connect the ISA Server check all my access internal and external all works fine...

Then... after a few hours ISA starts dropping DNS queries for ex:
I would ping www.google.co.za from my workstation and it doesn't resolve (it did before)
Ping is allowed in the firewall rules and the required DNS rules exist as they were there on the original server.

Our DNS on the DC's are set to forward any external DNS queries to a forwarder (in this case the ISA Server) (With the same IP I granted to the new ISA Server)

Like for like when I check everything it's all the same(same IP's same configuration rules, same ISA version, same SP version)

Any idea why after a few hours this would occur?

I put the old box back and my internal to external DNS queries works 100% again ( I get a reply when pinging www.google.co.za)

I haven't really looked into the edge firewall (ISA 2004) too much as I can't see how it could contribute to this issue (no names are specified and all the rules are done through IP to IP)

You're help is much appreciated.
0
Comment
Question by:NSI-Tech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 19

Accepted Solution

by:
strivoli earned 500 total points
ID: 39210659
Check the new ISA's Alerts. The DNS server might have generated too much traffic over the ISA server. The ISA might have considered it an attack and as a result blocked any traffic from DNS. Add the DNS server's IP address to the Flood Mitigation exceptions.

Check the ISA's Alerts before making any changes. Document any changes to the ISA configuration. Let me know.
0
 

Author Comment

by:NSI-Tech
ID: 39221178
Hi Strivoli,

Thanks for your reply. I haven't had a chance to verify the solution yet. waiting on approval when we can do the next test run without affecting business. So far planned for Wednesday. Will let you know how it turns out.

thanks
0
 
LVL 19

Expert Comment

by:strivoli
ID: 39224661
You're welcome. Keep us informed when you have any news.
0
 

Author Closing Comment

by:NSI-Tech
ID: 39233985
Thanks strivoli!  so far so good will monitor and revert back if this issue pops up again.
0
 
LVL 19

Expert Comment

by:strivoli
ID: 39234015
You're welcome! Have a nice day!
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are three types of ISA client that can be configured - these can be individual clients or multiples of a client on each PC or server SecureNAT. A SecureNAT client for ISA server is a client machine, work station or server, that has its defa…
There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question