Tom's article is written for the case where you use your public domain name
for the internal network as well. In my case we use "pesa.com" for the
external domain name and "hsv.pesa.com" for the internal domain. The domain
name "hsv.pesa.com" is only used by internal clients - it is not publicly
accessible.
For name resolution I have internal DNS servers (W2K3) set to resolve
*.hsv.pesa.com and to forward anything else to our ISP's DNS servers for
resolution. I'm no expert on DNS and would like to know more. Can you
point me to a good resource on Windows DNS? It seems that for my case I
should be able to use my existing DNS server to redirect *certain* public
names to an internal host while allowing other public names to be resolved
by the external DNS servers. For example, I host our mail server
(mail.pesa.com) but not our web server (www.pesa.com). I would like to
redirect internal clients to mailserver.hsv.pesa.com while allowing the
www.pesa.com to be resolved externally. How can I do this with my existing
DNS server? For that matter, how can I intercept and redirect any arbitrary
host name using Win 2K3 DNS?
I'm not ignoring the split DNS approach, but I'm running a small network and
would not like to deploy additional servers if at all possible.
-- Michael Ellis
http://www.ISAserver.org
Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles!
http://www.ISAserver.org
Glad to be of service. I more or less stumbled upon the SP2 solution after scouring the MS KB, Googling in vain and asking for suggestions here (no responses were forthcoming). I should also note that applying SP2 "broke" a feature that the good folks here rather bluntly told me not to do. Before SP2 I was able to point an application running on an internal client to the public IP address of a server hosted internally and have ISA loop data back to my server. Alas, this (seemingly unsupported) feature no longer works.
Michael Ellis
http://www.ISAserver.org
All sorted, thanks again Michael. Seems that SP2 done the trick.............. why oh why don't MS update their knowledge base to include the information about ISA SP2, could have saved me half the day !!
Cheers again
http://www.ISAserver.org
Hmmm, first point i have done already. I'll double check that SP2 is installed and look at the remote access policy.
Cheers Michael
----- Original Message ----- From: "Michael Ellis" <isalist@xxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, September 13, 2004 2:11 PM
Subject: [isalist] Re: RRAS Problems after NT4 Domain Upgrade to 2003
twohttp://www.ISAserver.org
Make sure that the ISA machine has been added to the "RAS and IAS Servers" group, and make sure that ISA server SP2 has been installed. Theseauthenticationitems seemed to fix the problem for me.
Also take a look at the Remote Access Policy for your domain.
-- Michael Ellis
----- Original Message ----- From: Paul Crisp
To: [ISAserver.org Discussion List]
Sent: Monday, September 13, 2004 6:31 AM
Subject: [isalist] RRAS Problems after NT4 Domain Upgrade to 2003
http://www.ISAserver.org
Upgrade our NT4 domain on Friday, went through no problem (pheww). Now Monday morning, and finding our VPN users can no longer connect to the network I'm getting the following error
Error 930: the authentifcation server did not respond totherequests in a timely fashion
Running ISA 2000 by the way on a Windows 2000 server. Have looked athttp://www.webelists.com/cgi/lyris.pl?enter=isalistMS articles and everything seems fine, anyone got any tips or pointers
Cheers in advance
Paul Crisp Snr Network Support Analyst
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: isalist@xxxxxxxx To unsubscribe visithttp://www.webelists.com/cgi/lyris.pl?enter=isalistReport abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: pcrisp@xxxxxxxxxxxxxxxxx To unsubscribe visitReport abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: pcrisp@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: isalist@xxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx