http://www.ISAserver.org ------------------------------------------------------- I hope it doesn't resemble a "Tequila Sunrise!" t On 7/7/06 9:25 AM, "Jim Harrison" <Jim@xxxxxxxxxxxx> spoketh to all: > http://www.ISAserver.org > ------------------------------------------------------- > > ..so it's not a drink sold with cookies by kids on neighborhood street > corners? > > > ------------------------------------------------------- > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://isaserver.org/Jim_Harrison/ > http://isatools.org > Read the help / books / articles! > ------------------------------------------------------- > > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On > Behalf Of Thomas W Shinder > Sent: Friday, July 07, 2006 09:20 > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: Slightly OT Again:HP ProLiant DL320 Firewall/VPN/Cache > Server setup DNS problem > > Tamponade -- the insertion of a tampon during surgery to check bleeding > > :) > > Thomas W Shinder, M.D. > Site: www.isaserver.org <http://www.isaserver.org/> > Blog: http://blogs.isaserver.org/shinder/ > Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls > > > > > ________________________________ > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On > Behalf Of Thor (Hammer of God) > Sent: Friday, July 07, 2006 11:15 AM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: Slightly OT Again:HP ProLiant DL320 Firewall/VPN/Cache > Server setup DNS problem > > > "Post-evacuation tamponade?" You can't talk to a lady like that!!! > > t > > > On 7/7/06 8:26 AM, "Thomas W Shinder" <tshinder@xxxxxxxxxxx> spoketh to all: > > > > Hi Barbara, > > Thanks for getting the book! But one thing about my books, it's like going to > a medical school clinical lecture. If I'm lecturing about evacuating epidural > hematomas, you have to listen to the whole thing -- you can't wink out during > the time I'm talking about preparing the skull and post-evacuation tamponade. > > So, what you missed are the assumptions on page 493, which was that you don't > have any other servers on your network, and thus we are installing a DNS > server on the ISA firewall. Is that assumption correct for your network? > > Tom > > Thomas W Shinder, M.D. > Site: www.isaserver.org <http://www.isaserver.org/> > <http://www.isaserver.org/> > Blog: http://blogs.isaserver.org/shinder/ > Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> > <http://tinyurl.com/3xqb7> > MVP -- ISA Firewalls > > > > > > > > > ________________________________ > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On > Behalf Of Barbara Causey > Sent: Friday, July 07, 2006 9:16 AM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: Slightly OT Again:HP ProLiant DL320 Firewall/VPN/Cache > Server setup DNS problem > > > > Thanks to everyone for their help. It is working now, but something is still > not right. If I set up the client computers to use the ISA server as a web > proxy server then no Internet access. The ISA 2000 server was set up this way > and it worked great. > > > > In answer to your questions Dr. Tom, I was following the instructions in your > book that said to set up the ISA server as a caching only DNS server. I > configured the internal DNS server to use the ISA's DNS server as its > forwarder and I created the rule you stated. The client computers are using > the internal DNS server. > > > > Any ideas on what else could be wrong? > > > > Barbara > > > > > ----- Original Message ----- > > From: Thomas W Shinder <mailto:tshinder@xxxxxxxxxxx> > <mailto:tshinder@xxxxxxxxxxx> > > To: isalist@xxxxxxxxxxxxx > > Sent: Thursday, July 06, 2006 1:18 PM > > Subject: [isalist] Re: Slightly OT Again:HP ProLiant DL320 Firewall/VPN/Cache > Server setup DNS problem > > > > Hi Barbara, > > > > Why are you running a DNS server on the ISA firewall? Is this configured as a > caching only DNS server? If so, you configure the internal DNS server to use > the ISA firewall's DNS server as it's forwarder, and you need to create a > rule that allows the internal DNS server access to the Local Host Network for > the DNS protocol. > > > > Also, the clients should not be using the ISA firewall's caching only DNS > server as their DNS server, they should be using the internal DNS server for > both internal and external name resolution. > > > > Keep in mind that the caching only DNS server on the ISA firewall is a poor > man's solution. The best solution is to have DNS resolvers on a DMZ segment. > > > > HTH, > > Tom > > > > > Thomas W Shinder, M.D. > Site: www.isaserver.org <http://www.isaserver.org/> > <http://www.isaserver.org/> > Blog: http://blogs.isaserver.org/shinder/ > Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> > <http://tinyurl.com/3xqb7> > MVP -- ISA Firewalls > > > > > > > > > > > > ________________________________ > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On > Behalf Of Barbara Causey > Sent: Thursday, July 06, 2006 12:01 PM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Slightly OT Again:HP ProLiant DL320 Firewall/VPN/Cache > Server setup DNS problem > > > > Hello, it's me again. :-) > > I set up this server as a caching only DNS server following the instructions > in the ISA Server 2004 book by Dr. Tom and I can access the Internet on this > server, but not on any of the internal computers. I get the "Can not find > server or DNS error". I can ping the router through this server, but can't > get anywhere on the Internet. Everything works fine through the old ISA 2000 > server, but when I switch over to the new one you can't go anywhere. Would > someone please point me in the right direction to resolve this matter? > > Thank you, > Barbara Causey > > > > > > > > > > All mail to and from this domain is GFI-scanned. > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > > ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx