RE: Packet filter weirdness

  • From: "John C. Shepard" <jshepard@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 23 Apr 2002 08:41:09 -0700

This shows up in the Application Log occasionally, related or not...
 
Event Type:       Error
Event Source:    Microsoft Firewall
Event Category: None
Event ID:           11001
Date:                4/23/2002
Time:                8:33:43 AM
User:                N/A
Computer:         CERBERUS
Description:
Microsoft Firewall failed. The failure occurred during Initialization of 
reverse Network Address Translation (NAT).  because the configuration property 
ClientSetsExcluded of the key 
LDAP://dc1.seattle.atinera.local/CN={013C3867-DCB6-470A-884D-1DBA2708ACBF},CN=PNATServerMappings,CN=Publishing,CN={2F3B145E-C008-43E0-8AE1-720F62173C0B},CN=Arrays,CN=Fpc,CN=System,DC=seattle,DC=atinera,DC=local
 could not be accessed. Use the source location 3.1061.3.0.1200.166 to report 
the failure. The error code in the Data area of the event properties indicates 
the cause of the failure. For more information about this event, see ISA Server 
Help. The error description is: The system cannot find the file specified.
 
Data:
0000: 02 00 07 80               ...EUR    
 
-----Original Message-----
From: John C. Shepard 
Sent: Tuesday, April 23, 2002 8:01 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Packet filter weirdness
 
http://www.ISAserver.org
Has anyone gotten Filters to work on a 2nd or 3rd IP address for the external 
NIC? They seem to work perfectly for the first IP address but not for any other 
IP:
 
External NIC:
IP 1: 123.123.123.1
IP 2: 123.123.123.2
 
Filters:
#1: Allow, ICMP ping response, External IP 123.123.123.1, All remote computers
#2: Allow, ICMP ping query, External IP 123.123.123.1, All remote computers
#3: Allow, ICMP ping response, External IP 123.123.123.2, All remote computers
#4: Allow, ICMP ping query, External IP 123.123.123.2, All remote computers
 
Results:
Can ping 123.123.123.1 fine, but canot ping 123.123.123.2.
 
It's almost like packet filters bind on nothing but the first IP. That is not 
the case with Server Publishing Rules. They work fine on the second IP.
 
What is the explanation?
 
John
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jshepard@xxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 04-2002