Re: DHCP Problem

---

• From: Mrc <Mrc@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Sat, 24 Nov 2007 09:13:04 -0800

---

I've already attempted moving the rule up, but just tried again and made it
the first rule. Tried renewing the ip address on one of our pcs and watched
the ISA logs and all the DHCP requests were denied.

"Merv Porter [SBS-MVP]" wrote:

What happens if you move the DHCP Firewall Policy rule(s), in ISA 2004, to
the top of the list?

--
Merv Porter [SBS-MVP]
============================

"Mrc" <Mrc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:626B0C62-9F92-4FF8-AAF1-29D1E9C55EAD@xxxxxxxxxxxxxxxx

The event logs on the server are mostly clean. I get this once in a while
(always after running the Romote access wizard)

Unable to contact a DHCP server. The Automatic Private IP Address
169.254.9.0 will be assigned to dial-in clients. Clients may be unable to
access resources on the network.


Once in a while I get this but its rare.
DCOM was unable to communicate with the computer COUNTER5 using any of the
configured protocols.


The client computer's logs are a mess due to not being able to renew ip
address. It starting to cause a lot of problems and I'm will need to start
assigning static addressses soon if I can't get this fixed.


Should the ISA server be rejecting requests from an ip address on the
subnet
or 0.0.0.0 to 255.255.255.255 on port 67 (DHCP request) ??



"Merv Porter [SBS-MVP]" wrote:

Anything in the Event Logs?

--
Merv Porter [SBS-MVP]
============================

"Mrc" <Mrc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:AE375D74-10B5-413F-8A48-4C9DA3FFC5DE@xxxxxxxxxxxxxxxx

Been there done that. I don't think this applies because our systems
has
been
operating for over a month without any service packs being applied. We
did
install WSUS 3.0 and Sharepoint Services 3.0 during this time peroid
but
the
system worked fine after the installs.


"Merv Porter [SBS-MVP]" wrote:

Something to check...

SBS SP1 + ISA 2004 = No DHCP
http://msmvps.com/blogs/cgross/archive/2005/06/22/54567.aspx

ISA Management console | expand <servername> | Configuration |
Network.
Select the Internal network, and edit it to include .255

--
Merv Porter [SBS-MVP]
============================

"Mrc" <Mrc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5A109C99-9C30-4E05-A34B-666541229222@xxxxxxxxxxxxxxxx

Yes, several times.

11/16/07 I restarted the system. We had installed Blackberry
Enterprise
Server the week before. After the server started 11/16/07 all of the
client
computers were directed to the Blackberry MDS site on the server.
This
is
when I ran CEICW. The log for the CEICW was dated 11/16/07 at 2:09
pm
and
the
Denied Connections started showing up in the ISA logs seconds later.
I
have
no idea if this is related to BES or was triggered by running CEICW.
Also
I
have reran CEICW several times. Updated the NIC drivers. Set
EnableRSS
to
0,
DisableTaskOffload to 1 per the article about Common networking
issues
after
applying windows server 2003 sp2 on SBS in The Official SBS Blog.

The ISA logs are blocking all DHCP request and Replies from 0.0.0.0
or
255.255.255.255. Sometimes it allows a connection from
172.31.255.XXX
to
the
server 172.31.255.20. This puzzles me because before 11/16/2007 the
log
had
very few entries from or to 0.0.0.0. or 255.255.255.255 relating to
DHCP.

I had to uninstall ISA a few months ago after doing a Swing
Migration
due
to
the network behaving flakey and things were fine. I ignored the
advise
from
the Swing Migration guy and reloaded it. It has been working fine
for
the
last month or so but I'm thinking I made a mistake and should do
away
with
the ISA server altogether?


"Kevin Weilbacher" wrote:

You say the system was running fine until a few days ago. What
happened
or
changed?

Have you tried rerunning CEICW?

--
Kevin Weilbacher [SBS MVP]
"The days pass by so quickly now, the nights are seldom long"
*

"Mrc" <Mrc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:73C2D5C1-154C-46A8-93EF-FFC81F2DE65A@xxxxxxxxxxxxxxxx

SBS 2003 R2, ISA 2004
Dhcp server will not assign an IP address to a new workstation or
to
a
workstation after an ipconfig /release has been ran.

DHCP logs show that some clients are renewing. The workstations
that
cannot
renew still function after assigning a static ip address.

The system had been running fine until a few days ago.

This is what is showing up on the ISA logs.

Denied Connection DELLSRV 11/23/2007 3:19:03 PM
Log type: Firewall service
Status: The policy rules do not allow the user request.
Rule:
Source: Internal ( 172.31.255.72:68)
or
(
0.0.0.0:68)
Destination: Local Host ( 255.255.255.255:67)
Protocol: DHCP (request)



Windows IP Configuration

Host Name . . . . . . . . . . . . : DELLSRV
Primary Dns Suffix . . . . . . . : thompsonshonda.com
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : thompsonshonda.com

Ethernet adapter Server Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme
II
GigE
(NDIS
VBD Client)
Physical Address. . . . . . . . . : 00-19-B9-D1-6E-4D
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.31.255.20
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 172.31.255.20
Primary WINS Server . . . . . . . : 172.31.255.20

Ethernet adapter Network Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 PT Dual
Port
Server
Ada
pter #2
Physical Address. . . . . . . . . : 00-15-17-37-1D-6A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 63.134.160.6
Subnet Mask . . . . . . . . . . . : 255.255.255.252
Default Gateway . . . . . . . . . : 63.134.160.5
DNS Servers . . . . . . . . . . . : 172.31.255.20
Primary WINS Server . . . . . . . : 172.31.255.20
NetBIOS over Tcpip. . . . . . . . : Disabled

????

.

---

• Follow-Ups:
  • Re: DHCP Problem
    • From: Merv Porter [SBS-MVP]

• References:
  • DHCP Problem
    • From: Mrc
  • Re: DHCP Problem
    • From: Kevin Weilbacher
  • Re: DHCP Problem
    • From: Mrc
  • Re: DHCP Problem
    • From: Merv Porter [SBS-MVP]
  • Re: DHCP Problem
    • From: Mrc
  • Re: DHCP Problem
    • From: Merv Porter [SBS-MVP]
  • Re: DHCP Problem
    • From: Mrc
  • Re: DHCP Problem
    • From: Merv Porter [SBS-MVP]

• Prev by Date: Re: DHCP Problem
• Next by Date: Re: DHCP Problem
• Previous by thread: Re: DHCP Problem
• Next by thread: Re: DHCP Problem
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: VPN, RRAS & DHCP ... After researching your logs, I found the Event ID 20169 ... Please try to set RemoteAccess service to depend on the DHCP server ... Reboot the server to see whether the issue still occurs. ... The problem occurred after you install ISA server. ... (microsoft.public.windows.server.sbs) Re: DHCP Problem ... Unable to contact a DHCP server. ... The client computer's logs are a mess due to not being able to renew ip ... Denied Connections started showing up in the ISA logs seconds ... (microsoft.public.backoffice.smallbiz) Re: Multiple errors ... Please run command "net stop fweng" to stop all ISA services on the server ... address from the DHCP server. ... Please mail me all logs under ... (microsoft.public.windows.server.sbs) Re: DHCP Problem ... What happens if you move the DHCP Firewall Policy rule, in ISA 2004, to ... Unable to contact a DHCP server. ... Denied Connections started showing up in the ISA logs seconds later. ... (microsoft.public.backoffice.smallbiz) Re: DHCP Problem ... Server the week before. ... Denied Connections started showing up in the ISA logs seconds later. ... or 255.255.255.255 relating to DHCP. ... Ethernet adapter Server Local Area Connection: ... (microsoft.public.backoffice.smallbiz)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)