Re: ISA - internal interface broacasting on external interface ?

• From: "David Elmquist" <david@xxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 14 May 2002 18:03:13 +0200

I`ve once weeded DHCP broadcasts hitting my external from the logs
By creating a packetfiler to block the traffic and specify no logging:

 Packet Filter Name : DHCP BC

        Enabled : True
        Filter Mode : Block
        Filter Type : Custom
        Protocol : UDP
        Direction : Inbound and Outbound
        Local Port : 68
        Remote Port : 67
        Local Computer Filter Applies to this IP : 0.0.0.0
        Remote Computer Filter Applies to Host: "originating IP here"

I agree that it would be best to find the source of the broadcasts,
But I`m pretty sure that it could be removed from the logs by tweaking
The above filter.

 David Elmquist

-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] 
Sent: 14. maj 2002 17:01
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: ISA - internal interface broacasting on external
interface ?

http://www.ISAserver.org


ISA blocks all broadcast traffic, so there's nothing you can do about
that
type of log entry.
Things to check:
1. are both subnets (int/ext) operating from the same switch/hub?
2. does the ISA also provide DHCP services?


Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the books!
----- Original Message -----
From: "Tom Chadwick" <tom_chadwick@xxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, May 14, 2002 6:02 AM
Subject: [isalist] ISA - internal interface broacasting on external
interface ?


http://www.ISAserver.org


I have an ISA server in secure standalone mode using 10.x.x.x
internally.
The logs (by inspecting the raw data) indicate that the internal
interface
is broadcasting (255.255.255.255 UDP port 67/68)on the external
interface.
Also this traffic is shown as being blocked. I would like to resolve
this
as a) it is adding to the log file size and b)I can't see where the
BLOCK
is coming from.

Thanks

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')



------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
david@xxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » ISA - internal interface broacasting on external interface ?
• » Re: ISA - internal interface broacasting on external interface ?
• » Re: ISA - internal interface broacasting on external interface ?

1. Home
2. isalist
3. Archive
4. 05-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---