ISA 2006 Lost Internet Connectivity

Hi there,
Everyday in the morning, the company is losing Internet connectivity. In order to restore it, sometimes i can simply restart the firewall service, sometimes I need to disable/enable the internal NIC, and sometimes i need to reboot. When this happens I cannot ping the internal IP but I can RDP to the box, which is strange. This all seems to be related to the number of connections to the DC but i cannot be sure. Things I've tried:
- Rebuild the cache file
- Disable the Flood Mitigation Settings
- Increase the timeout for Connectivity Verification (see Error below)

None of this seems to do anything. Here are some log and event viewer entries i'm seeing:

Event Viewer:
EventID: 14147
ISA Server Detects routes through the network adapter that do not correlate with the network to which this network adapter belongs...

EventID: 21265
The routing table for the network adapter Internal includes IP address ranges that are not defined in the array-level network.

EventID: 1055
Windows cannot determine the computer name. Group policy aborted. The user in this case was the ISA admin account. After this error, the internet was lost.

EventID: 15120
The number of concurrent TCP connections from the source IP address .... exceeded the configured limit. (This seems to come up after a firewall service restart)

ISA Alerts
I get alot of Concurrent TCP connections from One IP address alerts. Systems do not seem to be compromised though as the IP address is never consistently the same. Granted they are DHCP so they may just be pulling different addresses. One of them is my machine actually. Once that I see though is from an outside IP address.


Connectivity Verifier "DNS" (and "DHCP") reported an error when trying to connect to (internal DC). The request timed out.

Could I have a DNS issue?

Configuration error
ISA Server detected routes through the network adapter Internal that do not correlate with the network to which this network adapter belongs.

The IP address it gives for this error are in our DHCP scope so not sure why this error happens.

All in all, once i restart the services, everything is ok for the day. Then the next day comes and boom, same thing.

Driving me crazy.

thx
GrayconAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Keith AlabasterEnterprise ArchitectCommented:
DHCP scopes and routes are completely separate - have a look at this article I wrote on the subject first then see where you go. Main error on this is when people leave out the .0 and the .255 entries when they define the internal interface(s) within the ISA gui.

http://www.experts-exchange.com/Microsoft/Windows_Security/A_1812-Error-Message-ISA-Server-detected-routes-through-the-network-adapter-LAN-that-do-not-correlate-with-the-network-to-which-this-network-adapter-belongs-How-to-fix-this.html
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Forefront ISA Server

From novice to tech pro — start learning today.