Strange IP Conflict between PIX and ISA

Programming and Web Development Forums - ISA - Microsoft Internet Security and Acceleration

Skip to content

Strange IP Conflict between PIX and ISA

ISA
Post a reply

    Next

  • 1. Proxy Server/Web Filtering
    Hello, I'm hoping someone can point me in the right direction. I'm looking for documentation on utilizing ISA Server 2004 Standard Edition to Proxy outbound internet access, possibly utilizing a third party utility such as WebSense or some other application. Currently ISA is being utilized to publish OWA. Any and all web links, books (ISA 2004)... will be appreciated. Thank you. -- RAJ
  • 2. help regarding firewall bypassing
    the senerio i hav made is this 192.168.10.x 192.168.0.x -----internet ------------[nat device]-------------------[isa server]------------------- public ip private ip LAN users the problem i am having is this .... as all my users r located on 192.168.0.x network and isa is the default gateway for them.....bt some of the users put 192.168.10.X ip address on there computer with 192.168.10.2(gateway for 10.x)network .so tht they r now on 10.x network which results in bypass isa server firewall. pls tell me is there anyway i can stop this. ANWAR ADIL CCNA , MCP
  • 3. Passive FTP between WNT and WXP
    Hi! I have setup a PC with Windows XP Professional SP1 and Windows NT 4.0 SP6 with both IE6SP1 and installed Firewall Client. I have set on ISA 2000 SP2 FP1 full access to all protocols but still, NT 4.0 cannot access to FTP sites especially passive FTP! How can I set this and solve this issue? Me
  • 4. Cannot access websites after setting up schedule download
    I had about 5 websites set up for scheduled download in ISA 2004 standard SP1, along with a large cache of 2GB. This has worked fine for several months. Last week two of the websites became unresponsive, timing out on IE on any workstation behind the ISA server. The rest of the scheduled website URLs still work. The website URLs work when I try them on a workstation directly connected to the internet, bypassing ISA server, so I concluded the problem was in ISA. I removed the sites from the download schedule, still failed with a timeout. Then I disabled caching, still failed. I deleted the ISA cache, still failed. (I restarted ISA Server after each attempt.) Then I added a cache rule to explicitly not cache those two URLs. Still times out from behind the firewall. I can ping the site addresses, so DNS is okay. The host OS for ISA Server is WIndows 2003 Standard, SP1 not installed but all other updates current. Server has been rebooted, no affect on the problem. So I have to assume it's related to ISA caching, but I'm not sure what else to try. My working premise was that something in the ISA 2004 caching was corrupted, but after deleting the cache and all scheduled downloads I don't know where else to look. There are no access rules specific to those websites or IP numbers. I wasn't able to locate anything on corrupted cache in Technet. Any suggestions? Jack Peacock
  • 5. Isa 2004 & SMTP filter: how to turn off NDR's
    Hi all, does anyone know how I can prevent the SMTP Virtual server to send out NDR's for incoming messages with a destination that does not exist in our domain? Most of these messages are spams. The NDR's hang around in the queue for days because the senders' (spammers) address doesn't exist either. Also we are having a mail gateway (X-Wall) further along the line which handles the NDR's for us, so I really don't need the ISA server SMTO filter doing the same. (NB: IN Exchange, SMTP Virtual server, I believe you have this option to turn off NDR. However, I don't find in the ISA SMTP Virtual server...) TIA -- Paul

Strange IP Conflict between PIX and ISA

Postby trevor.dodds » Sat, 04 Mar 2006 00:19:54 GMT 

Hi,

I'm running ISA 2004 EE in a NLB Cluster.  The problem I have is that
both ISA Servers reporting IP conflicts at different intervals, the
server could be up for a day then this appears.
The MAC Address it conflicts with is the PIX MAC address.
The ISA Servers are pluged into a Cisco Switch.

Event Type: Error
Event Source: Tcpip
Event Category: None
Event ID: 4199
Date:  2006/03/01
Time:  15:22:48 PM
User:  N/A
Computer: ISA01
Description:
The system detected an address conflict for IP address XXX.XXX.XX.2
with the system having network hardware address 00:90:27:57:20:66.
Network operations on this system may be disrupted as a result.

Event Type: Error
Event Source: Tcpip
Event Category: None
Event ID: 4199
Date:  2006/03/02
Time:  06:22:48 AM
User:  N/A
Computer: ISA02
Description:
The system detected an address conflict for IP address XXX.XXX.XX.3
with the system having network hardware address 00:90:27:57:20:66.
Network operations on this system may be disrupted as a result.

Thanks
Trevor
Top

Similar Threads:

1.Strange conflict between DNS and FTP publications 

Hi all,

I've a strange problem I'm not able to clearly identify. 
My ISA Server 2000 (running on Windows 2000 AS) is 
publishing 2 DNS servers and one FTP server. It was 
working fine since few weeks ago, but now has this 
problem:
If both DNS and FTP publications are enabled, the 2 DNS 
are unreachable. As soon as I disable the FTP 
publication, the DNSes start working. If I reenable the 
FTP, after a while (maybe 1 hour, maybe 1 day) both DNSes 
stop responding again (the still respond from the DMZ, 
but not from the Internet).
What maybe the problem ? What should I check ?
I checked all the security bulletin for DoS attacks 
regarding DNS or FTP, but found out only patches I'd 
already applied.
Nothing special on the logs (or, at least, I don't know 
what to look for).

Any help is appreciated.

Thanks.

Massimo.

2.FTP outward traffic causing "Unidentified IP traffic" error on ISA 2004 server connected to a PIX 


We have a problem with outgoing FTP traffic going through our ISA 2004
server from one of our remote sites. It works absolutely fine from our
main office, but when the traffic originates from our regional office
(we connect to their Pix router via a VPN), it fails every time. The
error from her workstation is "Windows cannot access this folder. Make
sure you type the file name correctly, and that you have permission to
access the folder. Details: the operation timed out". The user has a
Windows XP PC but Windows firewall is switched off. There is a rule our
firewall to allow access from all our subnets (including those from our
regional office), so this should be applicable to all no matter what
their location, however as a test I created a new rule specifically for
the regional office subnet, which failed. I also started logging on the
ISA server, while the user tried this operation again, and the message
stated that the protocol was 'unidentified IP traffic' and the action
was 'closed connection' (the source network was confired as 'internal
however').

The guy who looks after the PIX is away at the moment, but I was
informed by others that it is not configured to block anything (indeed
if it was, there would be nothing hitting the ISA server). Something
seems to be distorting this traffic when it comes from the remote site,
and I don't know what it is.

Any thoughts?

3.ISA outside IP and PIX firewall 

Hi

Can anyone help me on this please, I have a severe lack of understanding!!!

To enable Email I have set up a static command in our PIX firewall, that 
specifies a global address for the local host.

My problem is that as we have an ISA server, all internal host are reported 
as having the IP address as the outside NIC on ISA. I cannot get the Exchange 
server's IP address to pass through ISA, and I am not sure I want to.

However now all externally bound traffic has an IP address transaltes as to 
be the same as my Excahnge server's public IP

To get around this I would like to allow the IP address of my internall 
Exchange achine to pass through ISA, so that my PIX can then NAT it as 
required.

Does this make sense, and can someone tell me how to do it?

Thanks

Lewej

4.FTP outward traffic causing "Unidentified IP traffic" error on ISA 2004 server connected to a PIX 


We have a problem with outgoing FTP traffic going through our ISA 2004
server from one of our remote sites. It works absolutely fine from our
main office, but when the traffic originates from our regional office
(we connect to their Pix router via a VPN), it fails every time. The
error from her workstation is "Windows cannot access this folder. Make
sure you type the file name correctly, and that you have permission to
access the folder. Details: the operation timed out". The user has a
Windows XP PC but Windows firewall is switched off. There is a rule our
firewall to allow access from all our subnets (including those from our
regional office), so this should be applicable to all no matter what
their location, however as a test I created a new rule specifically for
the regional office subnet, which failed. I also started logging on the
ISA server, while the user tried this operation again, and the message
stated that the protocol was 'unidentified IP traffic' and the action
was 'closed connection' (the source network was confired as 'internal
however').

The guy who looks after the PIX is away at the moment, but I was
informed by others that it is not configured to block anything (indeed
if it was, there would be nothing hitting the ISA server). Something
seems to be distorting this traffic when it comes from the remote site,
and I don't know what it is.

Any thoughts?

Post a reply

Return to ISA

 

Who is online

Users browsing this forum: No registered users and 53 guest

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group