[isapros] Re: ISA Server 2004 may stop responding when IP addresses from multiple subnets are bound to the same adaptor

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: <isapros@xxxxxxxxxxxxx>
• Date: Thu, 20 Jul 2006 12:23:36 -0500

The KB implies that these are network IDs that are different from the
local interface's network ID. That's the problem with the KB.

For example, scenario 1:

NetID 1: 10.0.1.0/24
NetID 2: 10.0.2.0/24

ISA interface on Network ID:
NetID 3: 10.0.3.0/16

In this scenario, the remote networks are on the same network ID as the
local ISA firewall's interface. Of course, the remote networks see the
ISA firewall's local interface as being on a different network ID, so a
router must be interposed.

For example, scenario 2:

NetID 1: 172.16.1.0/24
NetID 2: 192.168.1.0/24

ISA interface on network ID:
NetID 3: 10.0.3.0/24

In this scenario, would you consider it valid to bind IP address
192.168.1.1 to the ISA firewall interface on network ID 10.0.3.0?

Scenario 2 is what the KB article implies.

That's why they need to think about giving hard core examples in these
articles, otherwise they just contributed to the FUD.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 

> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx 
> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison
> Sent: Thursday, July 20, 2006 11:35 AM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] Re: ISA Server 2004 may stop responding 
> when IP addresses from multiple subnets are bound to the same adaptor
> 
> ??
> Of course you can. 
> So long as all those NetIds are segment-local, you can have 
> as many as you want.
> 
> -------------------------------------------------------
>    Jim Harrison
>    MCP(NT4, W2K), A+, Network+, PCG
>    http://isaserver.org/Jim_Harrison/
>    http://isatools.org
>    Read the help / books / articles!
> -------------------------------------------------------
>  
> 
> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx 
> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder
> Sent: Thursday, July 20, 2006 09:28
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] ISA Server 2004 may stop responding when 
> IP addresses from multiple subnets are bound to the same adaptor
> 
> And what's up with this? This isn't even a supported 
> scenario? When do you bind IP addresses from different 
> network IDs to the same interface?
> 
> ISA Server 2004 may stop responding when IP addresses from 
> multiple subnets are bound to the same adaptor: 
> http://support.microsoft.com/kb/898553/en-us
> 
> 
> All mail to and from this domain is GFI-scanned.
> 
> 
> 
> 

• Follow-Ups:
  • [isapros] Re: ISA Server 2004 may stop responding when IP addresses from multiple subnets are bound to the same adaptor
    • From: Jim Harrison

Other related posts:

• » [isapros] ISA Server 2004 may stop responding when IP addresses from multiple subnets are bound to the same adaptor
• » [isapros] Re: ISA Server 2004 may stop responding when IP addresses from multiple subnets are bound to the same adaptor
• » [isapros] Re: ISA Server 2004 may stop responding when IP addresses from multiple subnets are bound to the same adaptor
• » [isapros] Re: ISA Server 2004 may stop responding when IP addresses from multiple subnets are bound to the same adaptor
• » [isapros] Re: ISA Server 2004 may stop responding when IP addresses from multiple subnets are bound to the same adaptor
• » [isapros] Re: ISA Server 2004 may stop responding when IP addresses from multiple subnets are bound to the same adaptor
• » [isapros] Re: ISA Server 2004 may stop responding when IP addresses from multiple subnets are bound to the same adaptor
• » [isapros] Re: ISA Server 2004 may stop responding when IP addresses from multiple subnets are bound to the same adaptor

1. Home
2. isapros
3. Archive
4. 07-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---