RE: ISA denies DHCP request

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Mon, 5 Dec 2005 13:19:57 -0600

Hi Amy,

Is the DHCP server on the ISA firewall?

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**

 

> -----Original Message-----
> From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] 
> Sent: Monday, December 05, 2005 1:12 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] ISA denies DHCP request
> 
> http://www.ISAserver.org
> 
> I got stumped this weekend. A fellow consultant has a SBS box with ISA
> 2004. After the upgrade from ISA 2000 to ISA 2004, ISA denies DHCP
> requests because it sees them as coming in on the external NIC. 
> 
> I checked all of the usual stuff. NICs are configured 
> correctly. Binding
> order is correct. Routing table looks normal. DHCP rules are correct.
> Clients are correctly configured. External NIC is connected 
> only to the
> ADSL modem, Internal NIC is connected only to a switch with the PC's. 
> 
> Here's the packets. I can't figure out why ISA thinks these 
> are external
> packets.
> 
> 192.168.1.16  SBSERVER        UDP     68      0       0       0
> 0x0   0x0     0x0     Firewall        12/4/2005 9:10  192.168.1.2
> 67    DHCP (request)  Initiated Connection    SBS Protected Networks
> Access Rule   192.168.1.16    Internal        Local Host
> 
> 0.0.0.0       SBSERVER        UDP     68      0       0       0
> 0xc004000d FWX_E_POLICY_RULES_DENIED  0x0     0x0     Firewall
> 12/4/2005 9:10        255.255.255.255 67      DHCP (request)  Denied
> Connection    Default rule    0.0.0.0 External        Local Host
> 
> 0.0.0.0       SBSERVER        UDP     68      0       0       0
> 0xc004000d FWX_E_POLICY_RULES_DENIED  0x0     0x0     Firewall
> 12/4/2005 9:10        255.255.255.255 67      DHCP (request)  Denied
> Connection    Default rule    0.0.0.0 External        Local Host
> 
> 0.0.0.0       SBSERVER        UDP     68      0       0       0
> 0xc004000d FWX_E_POLICY_RULES_DENIED  0x0     0x0     Firewall
> 12/4/2005 9:10        255.255.255.255 67      DHCP (request)  Denied
> Connection    Default rule    0.0.0.0 External        Local Host
> 
> 
> This server also has difficulty with VPN clients. They also don't get
> served IP addresses by the DHCP server. However, even when you
> statically assign the VPN client an address, access to shares on the
> server is denied.
> 
> Removed and reinstall DHCP. Disabled and reconfigured Routing 
> and Remote
> Access. No luck.
> 
> 
> 
> Amy
>  
> Harbor Computer Services
> Small Business Computer Specialists
>  
> Client Blog: http://smalltechnotes.blogspot.com/
> Tech Blog: http://isainsbs.blogspot.com/
> Website: http://www.harborcomputerservices.net/
>  
> 
>  
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 


Other related posts: