Re: DHCP Problem

The firewall client is at the last version
4.0.3442.654



"Mrc" wrote:

???
About on the help menu is
Version: 4.0.2167.887 (SP3)

Add/Remove Programs doesn't show a item for SP3 and ISA shows the version at
Version: 4.0.2163 (SP1) ???
?????????




"Merv Porter [SBS-MVP]" wrote:

What SP level is ISA 2004 at (SP1,SP2, SP3)?

--
Merv Porter [SBS-MVP]
============================

"Mrc" <Mrc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:8FDAB036-0B05-4D79-B430-83BC48D56158@xxxxxxxxxxxxxxxx
I've already attempted moving the rule up, but just tried again and made
it
the first rule. Tried renewing the ip address on one of our pcs and
watched
the ISA logs and all the DHCP requests were denied.

"Merv Porter [SBS-MVP]" wrote:

What happens if you move the DHCP Firewall Policy rule(s), in ISA 2004,
to
the top of the list?

--
Merv Porter [SBS-MVP]
============================

"Mrc" <Mrc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:626B0C62-9F92-4FF8-AAF1-29D1E9C55EAD@xxxxxxxxxxxxxxxx
The event logs on the server are mostly clean. I get this once in a
while
(always after running the Romote access wizard)

Unable to contact a DHCP server. The Automatic Private IP Address
169.254.9.0 will be assigned to dial-in clients. Clients may be unable
to
access resources on the network.


Once in a while I get this but its rare.
DCOM was unable to communicate with the computer COUNTER5 using any of
the
configured protocols.


The client computer's logs are a mess due to not being able to renew ip
address. It starting to cause a lot of problems and I'm will need to
start
assigning static addressses soon if I can't get this fixed.


Should the ISA server be rejecting requests from an ip address on the
subnet
or 0.0.0.0 to 255.255.255.255 on port 67 (DHCP request) ??



"Merv Porter [SBS-MVP]" wrote:

Anything in the Event Logs?

--
Merv Porter [SBS-MVP]
============================

"Mrc" <Mrc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:AE375D74-10B5-413F-8A48-4C9DA3FFC5DE@xxxxxxxxxxxxxxxx
Been there done that. I don't think this applies because our systems
has
been
operating for over a month without any service packs being applied.
We
did
install WSUS 3.0 and Sharepoint Services 3.0 during this time peroid
but
the
system worked fine after the installs.


"Merv Porter [SBS-MVP]" wrote:

Something to check...

SBS SP1 + ISA 2004 = No DHCP
http://msmvps.com/blogs/cgross/archive/2005/06/22/54567.aspx

ISA Management console | expand <servername> | Configuration |
Network.
Select the Internal network, and edit it to include .255

--
Merv Porter [SBS-MVP]
============================

"Mrc" <Mrc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5A109C99-9C30-4E05-A34B-666541229222@xxxxxxxxxxxxxxxx
Yes, several times.

11/16/07 I restarted the system. We had installed Blackberry
Enterprise
Server the week before. After the server started 11/16/07 all of
the
client
computers were directed to the Blackberry MDS site on the server.
This
is
when I ran CEICW. The log for the CEICW was dated 11/16/07 at
2:09
pm
and
the
Denied Connections started showing up in the ISA logs seconds
later.
I
have
no idea if this is related to BES or was triggered by running
CEICW.
Also
I
have reran CEICW several times. Updated the NIC drivers. Set
EnableRSS
to
0,
DisableTaskOffload to 1 per the article about Common networking
issues
after
applying windows server 2003 sp2 on SBS in The Official SBS Blog.

The ISA logs are blocking all DHCP request and Replies from
0.0.0.0
or
255.255.255.255. Sometimes it allows a connection from
172.31.255.XXX
to
the
server 172.31.255.20. This puzzles me because before 11/16/2007
the
log
had
very few entries from or to 0.0.0.0. or 255.255.255.255 relating
to
DHCP.

I had to uninstall ISA a few months ago after doing a Swing
Migration
due
to
the network behaving flakey and things were fine. I ignored the
advise
from
the Swing Migration guy and reloaded it. It has been working fine
for
the
last month or so but I'm thinking I made a mistake and should do
away
with
the ISA server altogether?


"Kevin Weilbacher" wrote:

You say the system was running fine until a few days ago. What
happened
or
changed?

Have you tried rerunning CEICW?

--
Kevin Weilbacher [SBS MVP]
"The days pass by so quickly now, the nights are seldom long"
*

"Mrc" <Mrc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:73C2D5C1-154C-46A8-93EF-FFC81F2DE65A@xxxxxxxxxxxxxxxx
SBS 2003 R2, ISA 2004
Dhcp server will not assign an IP address to a new workstation
or
to
a
workstation after an ipconfig /release has been ran.

DHCP logs show that some clients are renewing. The
workstations
that
cannot
renew still function after assigning a static ip address.

The system had been running fine until a few days ago.

This is what is showing up on the ISA logs.

Denied Connection DELLSRV 11/23/2007 3:19:03 PM
Log type: Firewall service
Status: The policy rules do not allow the user request.
Rule:
Source: Internal ( 172.31.255.72:68)
or
(
0.0.0.0:68)
Destination: Local Host ( 255.255.255.255:67)
Protocol: DHCP (request)



Windows IP Configuration

Host Name . . . . . . . . . . . . : DELLSRV
Primary Dns Suffix . . . . . . . : thompsonshonda.com
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : thompsonshonda.com

Ethernet adapter Server Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5708C
NetXtreme
II
GigE
(NDIS
VBD Client)
Physical Address. . . . . . . . . : 00-19-B9-D1-6E-4D
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.31.255.20
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 172.31.255.20
Primary WINS Server . . . . . . . : 172.31.255.20

Ethernet adapter Network Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 PT
Dual
Port
Server
Ada
pter #2
Physical Address. . . . . . . . . : 00-15-17-37-1D-6A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 63.134.160.6
Subnet Mask . . . . . . . . . . . : 255.255.255.252
Default Gateway . . . . . . . . . : 63.134.160.5
DNS Servers . . . . . . . . . . . : 172.31.255.20
Primary WINS Server . . . . . . . : 172.31.255.20
NetBIOS over Tcpip. . . . . . . . : Disabled

????














.

Relevant Pages

  • Re: VPN Error 733, Event Log Error 20050 with SBS 2003
    ... Is there anyone from Microsoft who has the tools to decypher the logs I ... client to the server, but not the other way around. ... as far as I'm aware you can't reinstall RRAS (I think you could ...
    (microsoft.public.windows.server.sbs)
  • Re: DHCP Problem
    ... Unable to contact a DHCP server. ... The client computer's logs are a mess due to not being able to renew ip ... Denied Connections started showing up in the ISA logs seconds later. ...
    (microsoft.public.backoffice.smallbiz)
  • RE: How much do you disclose to customers?
    ... Logging - I keep detailed logs. ... their server does crash, I can help them pinpoint the problem test. ... the client may want a follow-up test after they've fixed the problem. ... How much do you disclose to customers? ...
    (Pen-Test)
  • Re: HTTPSConnection script fails, but only on some servers (long)
    ... >>>The python script works with server A, ... the problem seems to depend on both the client ... >>>Logs on server B show malformed URLs ONLY when the client ... >>>to convince myself that the script was not totally insane. ...
    (comp.lang.python)
  • Re: printer ports issue with term services
    ... have several clients remoting in to a windows 2000 terminal server. ... I believe the issue is when Client A logs in he gets an ID ... of say 1 and his printers are installed on port 001. ...
    (microsoft.public.windows.terminal_services)