³Post-evacuation tamponade?² You can¹t talk to a lady like that!!! t On 7/7/06 8:26 AM, "Thomas W Shinder" <tshinder@xxxxxxxxxxx> spoketh to all: > Hi Barbara, > > Thanks for getting the book! But one thing about my books, it's like going to > a medical school clinical lecture. If I'm lecturing about evacuating epidural > hematomas, you have to listen to the whole thing -- you can't wink out during > the time I'm talking about preparing the skull and post-evacuation tamponade. > > So, what you missed are the assumptions on page 493, which was that you don't > have any other servers on your network, and thus we are installing a DNS > server on the ISA firewall. Is that assumption correct for your network? > > Tom > > Thomas W Shinder, M.D. > Site: www.isaserver.org <http://www.isaserver.org/> > Blog: http://blogs.isaserver.org/shinder/ > Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> > MVP -- ISA Firewalls > > > >> >> >> >> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On >> Behalf Of Barbara Causey >> Sent: Friday, July 07, 2006 9:16 AM >> To: isalist@xxxxxxxxxxxxx >> Subject: [isalist] Re: Slightly OT Again:HP ProLiant DL320 >> Firewall/VPN/Cache Server setup DNS problem >> >> >> >> Thanks to everyone for their help. It is working now, but something is still >> not right. If I set up the client computers to use the ISA server as a web >> proxy server then no Internet access. The ISA 2000 server was set up this >> way and it worked great. >> >> >> >> In answer to your questions Dr. Tom, I was following the instructions in >> your book that said to set up the ISA server as a caching only DNS server. I >> configured the internal DNS server to use the ISA's DNS server as its >> forwarder and I created the rule you stated. The client computers are using >> the internal DNS server. >> >> >> >> Any ideas on what else could be wrong? >> >> >> >> Barbara >> >>> >>> ----- Original Message ----- >>> >>> From: Thomas W Shinder <mailto:tshinder@xxxxxxxxxxx> >>> >>> To: isalist@xxxxxxxxxxxxx >>> >>> Sent: Thursday, July 06, 2006 1:18 PM >>> >>> Subject: [isalist] Re: Slightly OT Again:HP ProLiant DL320 >>> Firewall/VPN/Cache Server setup DNS problem >>> >>> >>> >>> Hi Barbara, >>> >>> >>> >>> Why are you running a DNS server on the ISA firewall? Is this configured as >>> a caching only DNS server? If so, you configure the internal DNS server to >>> use the ISA firewall's DNS server as it's forwarder, and you need to create >>> a rule that allows the internal DNS server access to the Local Host Network >>> for the DNS protocol. >>> >>> >>> >>> Also, the clients should not be using the ISA firewall's caching only DNS >>> server as their DNS server, they should be using the internal DNS server >>> for both internal and external name resolution. >>> >>> >>> >>> Keep in mind that the caching only DNS server on the ISA firewall is a poor >>> man's solution. The best solution is to have DNS resolvers on a DMZ >>> segment. >>> >>> >>> >>> HTH, >>> >>> Tom >>> >>> >>> >>> >>> Thomas W Shinder, M.D. >>> Site: www.isaserver.org <http://www.isaserver.org/> >>> Blog: http://blogs.isaserver.org/shinder/ >>> Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> >>> MVP -- ISA Firewalls > > > > >> >> >> >> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On >> Behalf Of Barbara Causey >> Sent: Thursday, July 06, 2006 12:01 PM >> To: isalist@xxxxxxxxxxxxx >> Subject: [isalist] Slightly OT Again:HP ProLiant DL320 Firewall/VPN/Cache >> Server setup DNS problem >> >> >> >> Hello, it's me again. :-) >> >> I set up this server as a caching only DNS server following the instructions >> in the ISA Server 2004 book by Dr. Tom and I can access the Internet on this >> server, but not on any of the internal computers. I get the "Can not find >> server or DNS error". I can ping the router through this server, but can't >> get anywhere on the Internet. Everything works fine through the old ISA 2000 >> server, but when I switch over to the new one you can't go anywhere. Would >> someone please point me in the right direction to resolve this matter? >> >> Thank you, >> Barbara Causey >