Re: "Spoof Attack" problem

Instead ofd entering each internal subnet individually, create a "classless"
route.
For instance, if the internal subnets are:
10.0.0.1 - 10.0.127.254 with a netmask of 255.255.255.0, you would enter
this route as:
route -p add 10.0.0.0 mask 255.255.128.0 <YourRouterIP>

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the books!

----- Original Message -----
From: "Brian McCann" <bjm1287@xxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, January 22, 2002 10:41
Subject: [isalist] "Spoof Attack" problem


http://www.ISAserver.org


I've got a problem with a new ISA server setup.  ISA is only installed for
it's firewall capabilities and it's loging.  The server is a DC and a web
server (we have limited resources).  It has 2 default gateways: one that
goes to the internet and one that goes to our internal network router.  The
problem I'm having is that anytime I try accessing the server (via WWW) from
the internet, I get an event in the App. Log that says it detected a spoof
attack, and nothing loads.  If I remove the internal gateway, it works fine.
Anyone have any ideas aside from entering static routes (since there are
about 100 of them)?  I've already tried making the metric of the internal
gateway 2 instead of 1, and it still don't work.

Thanks,
--Brian


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')




Other related posts: