I looked at the captures - both ISA NICs are seeing DHCP traffic to/from 192.168.1.2 (DHCP server). Odds are, your customer has both ISA NICs plugged into the same hub (or a misconfigured switch). Also of concern is that you stated the ISA has two NICs, but the IP addresses (192.168.1.2 (internal) and 192.168.1.111 (external) appear to be in the same subnet. I've fixed the ipconfig problem in isainfo - can you get a fresh one? -------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -------------------------------------------- -----Original Message----- From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] Sent: Monday, December 05, 2005 12:13 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA denies DHCP request http://www.ISAserver.org Both are static. Amy Harbor Computer Services Small Business Computer Specialists Client Blog: http://smalltechnotes.blogspot.com/ Tech Blog: http://isainsbs.blogspot.com/ Website: http://www.harborcomputerservices.net/ -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Monday, December 05, 2005 3:02 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA denies DHCP request http://www.ISAserver.org IPConfig failed to execute; is the external NIC static or dynamically-assigned? ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] Sent: Monday, December 05, 2005 11:58 To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA denies DHCP request http://www.ISAserver.org It is. SBS servers are given these default ISA DHCP rules: SBS LocalHost DHCP Access (DHCP Reply protocol from External to LocalHost by All Users) And these System Policy entries: All DHCP Requests from ISA to All Networks (DHCP request protocol, from Internal to All Networks by All Users.) Allow DHCP Replies from DHCP Servers to ISA Server (DHCP reply protocol, from Internal to Local Host by All Users) Amy Harbor Computer Services Small Business Computer Specialists Client Blog: http://smalltechnotes.blogspot.com/ Tech Blog: http://isainsbs.blogspot.com/ Website: http://www.harborcomputerservices.net/ -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Monday, December 05, 2005 2:45 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA denies DHCP request http://www.ISAserver.org Is the DHCP service configured to use only the internal interface? Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls **Who is John Galt?** > -----Original Message----- > From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] > Sent: Monday, December 05, 2005 1:29 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: ISA denies DHCP request > > http://www.ISAserver.org > > Yes, it is. > > Amy > > Harbor Computer Services > Small Business Computer Specialists > > Client Blog: http://smalltechnotes.blogspot.com/ > Tech Blog: http://isainsbs.blogspot.com/ > Website: http://www.harborcomputerservices.net/ > > > > > -----Original Message----- > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > Sent: Monday, December 05, 2005 2:20 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: ISA denies DHCP request > > http://www.ISAserver.org > > Hi Amy, > > Is the DHCP server on the ISA firewall? > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://spaces.msn.com/members/drisa/ > Book: http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > **Who is John Galt?** > > > > > -----Original Message----- > > From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] > > Sent: Monday, December 05, 2005 1:12 PM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] ISA denies DHCP request > > > > http://www.ISAserver.org > > > > I got stumped this weekend. A fellow consultant has a SBS > box with ISA > > 2004. After the upgrade from ISA 2000 to ISA 2004, ISA denies DHCP > > requests because it sees them as coming in on the external NIC. > > > > I checked all of the usual stuff. NICs are configured correctly. > > Binding order is correct. Routing table looks normal. DHCP rules > are correct. > > Clients are correctly configured. External NIC is connected only to > > the ADSL modem, Internal NIC is connected only to a switch with > the PC's. > > > > Here's the packets. I can't figure out why ISA thinks these > > are external > > packets. > > > > 192.168.1.16 SBSERVER UDP 68 0 > 0 0 > > 0x0 0x0 0x0 Firewall 12/4/2005 9:10 > 192.168.1.2 > > 67 DHCP (request) Initiated Connection SBS Protected Networks > > Access Rule 192.168.1.16 Internal Local Host > > > > 0.0.0.0 SBSERVER UDP 68 0 0 0 > > 0xc004000d FWX_E_POLICY_RULES_DENIED 0x0 0x0 Firewall > > 12/4/2005 9:10 255.255.255.255 67 DHCP (request) Denied > > Connection Default rule 0.0.0.0 External Local Host > > > > 0.0.0.0 SBSERVER UDP 68 0 0 0 > > 0xc004000d FWX_E_POLICY_RULES_DENIED 0x0 0x0 Firewall > > 12/4/2005 9:10 255.255.255.255 67 DHCP (request) Denied > > Connection Default rule 0.0.0.0 External Local Host > > > > 0.0.0.0 SBSERVER UDP 68 0 0 0 > > 0xc004000d FWX_E_POLICY_RULES_DENIED 0x0 0x0 Firewall > > 12/4/2005 9:10 255.255.255.255 67 DHCP (request) Denied > > Connection Default rule 0.0.0.0 External Local Host > > > > > > This server also has difficulty with VPN clients. They also > don't get > > served IP addresses by the DHCP server. However, even when you > > statically assign the VPN client an address, access to shares on the > > server is denied. > > > > Removed and reinstall DHCP. Disabled and reconfigured Routing > > and Remote > > Access. No luck. > > > > > > > > Amy > > > > Harbor Computer Services > > Small Business Computer Specialists > > > > Client Blog: http://smalltechnotes.blogspot.com/ > > Tech Blog: http://isainsbs.blogspot.com/ > > Website: http://www.harborcomputerservices.net/ All mail to and from this domain is GFI-scanned.