troubleshooting Question

Problem with Microsoft Server ISA 2006 and our internal/external domain

Avatar of tolanc
tolancFlag for United Kingdom of Great Britain and Northern Ireland asked on
Software FirewallsInternet ProtocolsMicrosoft Server Apps
11 Comments1 Solution254 ViewsLast Modified:
Dear EE

First, I appreciate ISA 2006 is far from current and there are plans to replace in the new year.

Second, the challenge I face has only occured in the past 3 to 4 weeks and has worked fine for years.

Hardware/software
ISA Server 2006 ver 5.02.5723.493
Runing Proxy / Firewall etc
Windows Server 2003 Standard Edition Service Pack 2 Build 3790
Windows last patch - 19 June 2012
Proliant DL360 G5


The Problem
Our internal DNS domain is configured as (not real domain):

internal.example.com
our ISA server is:
isa01.internal.example.com


our external web site is hosted outside of our network, e.g.
www.example.com


Now, for some reason it is not possible to gain access to www.example.com.


Here's what I know:

All other web sites and services are fully operational

When pinging the domain example.com it resolves the correct IP address

Example.com is unavailable from both the ISA server itself and from hosts

When I connect a PC to our DMZ,  www.example.com is fully accessible (ruling out any ISP routing issues)

I have created rules within the Firewall policy to allow all traffic as the number one rule but this has no effect

Within "Configuration", "Networks" and "Internal" I have added the domain and IP address to the "Web Browser" tab to allow direct access but still the problem remains.



So, the ISA box resolves the correct IP Address, it's not an issue from the DMZ, I've tried adding exceptions etc.  

Is this a routing issue in that the ISA box doesn't know what to do with requests for www.example.com?

I'm really not sure where to look now, any help would be gratefully received.

Cheers
Tolan
ASKER CERTIFIED SOLUTION
tolanc
IT Manager

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 11 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 11 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros