Only unicast mode is supported if you want to use integrated NLB and you do. Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls **Who is John Galt?** > -----Original Message----- > From: Akshay [mailto:akshay.bhatnagar@xxxxxxxxx] > Sent: Saturday, October 29, 2005 8:22 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] Unicast vs Multicast Mode for ISA > > http://www.ISAserver.org > > At an Exchange deployment, we have 2 ISA servers Enterprise > Ed. (Windows > 2003 SP1) setup in the DMZ. Windows NLB has been configured to route > traffic between the two hosts. > > The IP address of the NLB Cluster Server (Virtual Node - > 192.168.0.3) has > been NATted to the public IP (202.101.101.101). The > certificate has been > installed and the web site has been registered for OWA publishing. > > Communication from Internal client will be configured to go out to the > Internet and hit ISA instead of accessing the Front-end > servers directly. > > We tried the following scenarios: > > (1) Client in the same subnet (192.168.0.*) as the ISA server: these > clients were able to connect to the website > https://owa.corp.com/exchange. > This seems to imply that ISA is correctly routing HTTPS > packets between > Front-end servers and the clients. > (2) External/Internal clients: Page takes a long time to load > and gives > error "Could not find host or DNS error". We have verified > that the web > site has already been registered at the ISP. > > > NLB refuses to work in Unicast mode (clients get a "Could not > find host or > DNS error"). After setting to Multi-cast mode clients are > able to connect. > > A couple of questions regarding this: > > (1) Is Multicast mode (with single affinity) a supported > configuration for > NLB? I remember reading in communities that with Multicast > mode, static > ARP entries have to be added at some (Cisco) routers. Unicast > mode, on the > other hand, is supposed to work seamlessly with all routers. > If this is > the case, I cannot explain why the configuration is working > in Multicast. > (2) In Multicast mode, ISA servers are in a perpetual > converging mode. Is > this an expected behavior? We have 2 OWA servers in the > corporate LAN also > configured with NLB (Unicast with single affinity) but which are not > facing any of these issues. The only difference between the > two is that > ISA is setup in the DMZ. Hosts in DMZ cannot ping each other > even without > NLB enabled. > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > >