Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

ISA Server 2006 Migration

Posted on 2013-05-31
5
Medium Priority
?
644 Views
Last Modified: 2013-06-10
Hi all,

I'm hoping someone can give some insight into this issue I have been having.
I have migrated our Internal ISA Server 2006 Server to Hyper-V on a new server.

What's been done so far:


1) Export the ISA config from old server
 2 Install Windows OS and ISA Server 2006
 3) Disconnect old ISA Server from network
 4) Give new ISA Server the old ISA Server IP address
 5) Import the ISA configuration from old server to new
 6) Check configuration
 7) Import Exchange RPC Certificates
 8) Check ISA Logs make sure all is clear.

After all of the above I connect the ISA Server check all my access internal and external all works fine...

Then... after a few hours ISA starts dropping DNS queries for ex:
I would ping www.google.co.za from my workstation and it doesn't resolve (it did before)
Ping is allowed in the firewall rules and the required DNS rules exist as they were there on the original server.

Our DNS on the DC's are set to forward any external DNS queries to a forwarder (in this case the ISA Server) (With the same IP I granted to the new ISA Server)

Like for like when I check everything it's all the same(same IP's same configuration rules, same ISA version, same SP version)

Any idea why after a few hours this would occur?

I put the old box back and my internal to external DNS queries works 100% again ( I get a reply when pinging www.google.co.za)

I haven't really looked into the edge firewall (ISA 2004) too much as I can't see how it could contribute to this issue (no names are specified and all the rules are done through IP to IP)

You're help is much appreciated.
0
Comment
Question by:NSI-Tech
  • 3
  • 2
5 Comments
 
LVL 20

Accepted Solution

by:
strivoli earned 1500 total points
ID: 39210659
Check the new ISA's Alerts. The DNS server might have generated too much traffic over the ISA server. The ISA might have considered it an attack and as a result blocked any traffic from DNS. Add the DNS server's IP address to the Flood Mitigation exceptions.

Check the ISA's Alerts before making any changes. Document any changes to the ISA configuration. Let me know.
0
 

Author Comment

by:NSI-Tech
ID: 39221178
Hi Strivoli,

Thanks for your reply. I haven't had a chance to verify the solution yet. waiting on approval when we can do the next test run without affecting business. So far planned for Wednesday. Will let you know how it turns out.

thanks
0
 
LVL 20

Expert Comment

by:strivoli
ID: 39224661
You're welcome. Keep us informed when you have any news.
0
 

Author Closing Comment

by:NSI-Tech
ID: 39233985
Thanks strivoli!  so far so good will monitor and revert back if this issue pops up again.
0
 
LVL 20

Expert Comment

by:strivoli
ID: 39234015
You're welcome! Have a nice day!
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ISA Server detected routes through the network adapter LAN that do not correlate with the network to which this network adapter belongs What does this mean and how can one go about correcting it? In simple terms, this error message indicates t…
So the following errors occurs in 2 ways that I am aware of at this stage, and you receive one of the following error messages: ERROR 1. When trying to save a rule: No Web listener is specified for the Web publishing rule Autodiscovery Publishin…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question