Hi Amy, Is the DHCP server on the ISA firewall? Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls **Who is John Galt?** > -----Original Message----- > From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] > Sent: Monday, December 05, 2005 1:12 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] ISA denies DHCP request > > http://www.ISAserver.org > > I got stumped this weekend. A fellow consultant has a SBS box with ISA > 2004. After the upgrade from ISA 2000 to ISA 2004, ISA denies DHCP > requests because it sees them as coming in on the external NIC. > > I checked all of the usual stuff. NICs are configured > correctly. Binding > order is correct. Routing table looks normal. DHCP rules are correct. > Clients are correctly configured. External NIC is connected > only to the > ADSL modem, Internal NIC is connected only to a switch with the PC's. > > Here's the packets. I can't figure out why ISA thinks these > are external > packets. > > 192.168.1.16 SBSERVER UDP 68 0 0 0 > 0x0 0x0 0x0 Firewall 12/4/2005 9:10 192.168.1.2 > 67 DHCP (request) Initiated Connection SBS Protected Networks > Access Rule 192.168.1.16 Internal Local Host > > 0.0.0.0 SBSERVER UDP 68 0 0 0 > 0xc004000d FWX_E_POLICY_RULES_DENIED 0x0 0x0 Firewall > 12/4/2005 9:10 255.255.255.255 67 DHCP (request) Denied > Connection Default rule 0.0.0.0 External Local Host > > 0.0.0.0 SBSERVER UDP 68 0 0 0 > 0xc004000d FWX_E_POLICY_RULES_DENIED 0x0 0x0 Firewall > 12/4/2005 9:10 255.255.255.255 67 DHCP (request) Denied > Connection Default rule 0.0.0.0 External Local Host > > 0.0.0.0 SBSERVER UDP 68 0 0 0 > 0xc004000d FWX_E_POLICY_RULES_DENIED 0x0 0x0 Firewall > 12/4/2005 9:10 255.255.255.255 67 DHCP (request) Denied > Connection Default rule 0.0.0.0 External Local Host > > > This server also has difficulty with VPN clients. They also don't get > served IP addresses by the DHCP server. However, even when you > statically assign the VPN client an address, access to shares on the > server is denied. > > Removed and reinstall DHCP. Disabled and reconfigured Routing > and Remote > Access. No luck. > > > > Amy > > Harbor Computer Services > Small Business Computer Specialists > > Client Blog: http://smalltechnotes.blogspot.com/ > Tech Blog: http://isainsbs.blogspot.com/ > Website: http://www.harborcomputerservices.net/ > > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > >