RE: I dont understand all this UDP traffic

  • From: "Jim Harrison" <jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 27 Aug 2002 13:42:21 -0700

Since .2 is the Exchange server, it appears that it's receiving UDP traffic from an APIPA-configured
host (probably broadcast) and trying to reply to it.  Since the 169.-subnet isn't in its local
segment, it uses ISA to respond (Default Gateway) and ISA logs this apparently strange traffic.
About all you can do at this point is to run Netmon on the Exchange server until you see that
traffic.  Then you'll get a MAC address that can help you pin down the offender.
Also, do you have manageable network devices (switches, routers, etc.)?  If so, you could use them
to narrow it down.

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/pages/author_index.asp?aut=3
http://jalojash.org/isatools
Read the books!
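
An added example, not part of the original message: once a capture taken on the Exchange server has been exported as raw Ethernet frames, this sketch lists the source MAC of every UDP sender in 169.254.0.0/16. The frame builder, the function names and all sample addresses, MACs and ports are assumptions constructed for the illustration.

```python
import ipaddress
import struct
from collections import defaultdict

APIPA = ipaddress.ip_network("169.254.0.0/16")  # automatic private addressing range

def build_frame(src_mac, dst_mac, src_ip, dst_ip, sport, dport):
    """Build a constructed Ethernet II / IPv4 / UDP frame (checksums left at 0)."""
    eth = bytes.fromhex((dst_mac + src_mac).replace(":", "")) + b"\x08\x00"
    udp = struct.pack("!HHHH", sport, dport, 8, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 128, 17, 0,
                     ipaddress.ip_address(src_ip).packed,
                     ipaddress.ip_address(dst_ip).packed)
    return eth + ip + udp

def apipa_udp_sources(frames):
    """Return {source MAC: {(src_ip, dst_ip, dst_port), ...}} for UDP sent from APIPA."""
    found = defaultdict(set)
    for frame in frames:
        # Untagged Ethernet II carrying IPv4 only; VLAN-tagged frames are skipped.
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue
        ihl = (frame[14] & 0x0F) * 4
        if frame[14] >> 4 != 4 or ihl < 20 or frame[23] != 17:  # 17 = UDP
            continue
        udp_off = 14 + ihl
        if len(frame) < udp_off + 8:
            continue  # truncated UDP header
        src = ipaddress.ip_address(frame[26:30])
        if src not in APIPA:
            continue
        dst = ipaddress.ip_address(frame[30:34])
        (dport,) = struct.unpack("!H", frame[udp_off + 2:udp_off + 4])
        found[frame[6:12].hex(":")].add((str(src), str(dst), dport))
    return dict(found)

# Constructed sample frames: addresses, MACs and ports are made up for the example.
SAMPLE_FRAMES = [
    build_frame("00:11:22:33:44:55", "ff:ff:ff:ff:ff:ff", "169.254.23.7", "255.255.255.255", 137, 137),
    build_frame("00:aa:bb:cc:dd:01", "00:aa:bb:cc:dd:02", "192.168.0.10", "192.168.0.2", 1055, 53),
    build_frame("00:aa:bb:cc:dd:02", "00:aa:bb:cc:dd:03", "192.168.0.2", "169.254.23.7", 137, 137),
]

if __name__ == "__main__":
    for mac, flows in apipa_udp_sources(SAMPLE_FRAMES).items():
        print(mac, sorted(flows))
```

The reported MAC can then be looked up in the address tables of managed switches to find the port the host is attached to.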

----- Original Message -----
From: "skip" <skip@xxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, August 27, 2002 8:47 AM
Subject: [isalist] RE: I dont understand all this UDP traffic




Jim, thanks a bunch for the reply, I have been struggling with this issue
for quite some time now. To answer your question, 192.168.0.2 is the
Exchange server, 192.168.0.1 is ISA, and yes, I am running RRAS on ISA. I
used the wizard to set this up, and I don't use DHCP to hand out IPs, I
use a pool, which I reserve in DHCP. Should I do the arp -a on the ISA
server, or Exchange, to try and locate the culprit?

Thanks Again
