RE: HELP I am adding a third NIC and having problems

Also in the monitoring view to says the activity is denied but dosen't site a
rule it leaves the rule name blank. I tried moving the allow all trafic rule
for that card to the top of the rule list and nothing changes......

Anyone have any ideas?


--
**********************
Computers are incredibly fast, accurate, and stupid: humans are incredibly
slow, inaccurate and brilliant; together they are powerful beyond imagination.
--Albert Einstein


"cbtc_it" wrote:

> I have a server (ISA2004) on w2k3 and 2 NICs we added a third and configured
> it with a new subnet. The routing table looks good as far as I can tell here
> it is:
>
> IPv4 Route Table
> ===========================================================================
> Interface List
> 0x1 ........................... MS TCP Loopback interface
> 0x10003 ...00 04 23 bb 69 3f ...... Intel(R) PRO/1000 MT Dual Port Server
> Adapter #2
> 0x10004 ...00 0f 1f 68 90 08 ...... Intel(R) PRO/1000 XT Network Connection
> 0x10005 ...00 0e 0c 58 39 d2 ...... Intel(R) PRO/1000 MT Server Adapter
> ===========================================================================
> ===========================================================================
> Active Routes:
> Network Destination Netmask Gateway Interface Metric
> 0.0.0.0 0.0.0.0 10.166.66.1 10.166.66.10 20
> 0.0.0.0 0.0.0.0 192.168.23.2 192.168.23.1 10
> 10.166.66.0 255.255.255.0 10.166.66.10 10.166.66.10 20
> 10.166.66.10 255.255.255.255 127.0.0.1 127.0.0.1 20
> 10.166.67.0 255.255.255.0 10.166.66.1 10.166.66.10 1
> 10.166.68.0 255.255.255.0 10.166.66.1 10.166.66.10 1
> 10.166.69.0 255.255.255.0 10.166.66.1 10.166.66.10 1
> 10.166.70.0 255.255.255.0 10.166.66.1 10.166.66.10 1
> 10.166.71.0 255.255.255.0 10.166.66.1 10.166.66.10 1
> 10.166.72.0 255.255.255.0 10.166.66.1 10.166.66.10 1
> 10.166.73.0 255.255.255.0 10.166.66.1 10.166.66.10 1
> 10.252.68.0 255.255.255.0 10.166.66.1 10.166.66.10 1
> 10.255.255.255 255.255.255.255 10.166.66.10 10.166.66.10 20
> 123.37.199.0 255.255.255.0 10.166.66.1 10.166.66.10 1
> 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
> 170.209.0.0 255.255.255.0 192.168.100.1 192.168.100.1 1
> 192.168.23.0 255.255.255.0 192.168.23.1 192.168.23.1 10
> 192.168.23.1 255.255.255.255 127.0.0.1 127.0.0.1 10
> 192.168.23.255 255.255.255.255 192.168.23.1 192.168.23.1 10
> 192.168.100.0 255.255.255.0 192.168.100.1 192.168.100.1 10
> 192.168.100.1 255.255.255.255 127.0.0.1 127.0.0.1 10
> 192.168.100.255 255.255.255.255 192.168.100.1 192.168.100.1 10
> 199.38.140.0 255.255.255.0 10.166.66.1 10.166.66.10 1
> 224.0.0.0 240.0.0.0 10.166.66.10 10.166.66.10 20
> 224.0.0.0 240.0.0.0 192.168.23.1 192.168.23.1 10
> 224.0.0.0 240.0.0.0 192.168.100.1 192.168.100.1 10
> 255.255.255.255 255.255.255.255 10.166.66.10 10.166.66.10 1
> 255.255.255.255 255.255.255.255 192.168.23.1 192.168.23.1 1
> 255.255.255.255 255.255.255.255 192.168.100.1 192.168.100.1 1
> Default Gateway: 192.168.23.2
> ===========================================================================
> Persistent Routes:
> Network Address Netmask Gateway Address Metric
> 10.166.67.0 255.255.255.0 10.166.66.1 1
> 10.166.68.0 255.255.255.0 10.166.66.1 1
> 10.166.69.0 255.255.255.0 10.166.66.1 1
> 10.166.70.0 255.255.255.0 10.166.66.1 1
> 10.166.71.0 255.255.255.0 10.166.66.1 1
> 10.166.72.0 255.255.255.0 10.166.66.1 1
> 10.166.73.0 255.255.255.0 10.166.66.1 1
> 10.252.68.0 255.255.255.0 10.166.66.1 1
> 123.37.199.0 255.255.255.0 10.166.66.1 1
> 199.38.140.0 255.255.255.0 10.166.66.1 1
> 170.209.0.0 255.255.255.0 192.168.100.1 1
>
> 10.166.66.0 is the internet network. 192.168.100.0 is the new subnet.
> 192.168.23.0 is the subnet between the ISA server and the Hardware firewall
> to the internet.
>
> I have a router box on the new subnet 192.168.100.0 and it can ping in to
> the internal netwrok but the other side of the box can't. When I do a
> tracert to the internal address (10.166.66.0) it goes to the correct card and
> seems to die (times out) at the new NIC card on the ISA server. Any help
> would be appriciated greatly. n I had an "ISA Expert" help me set it up this
> far and well here I am.
> --
> **********************
> Computers are incredibly fast, accurate, and stupid: humans are incredibly
> slow, inaccurate and brilliant; together they are powerful beyond imagination.
> --Albert Einstein
.

Relevant Pages

  • Re: isa on a single subnet
    ... I thought splitting the 192.168.0.0 subnet into 4 subnets might have ... the ISA server, one with an address of say 192.168.0.129 subnet mask ... then out to the internet. ...
    (microsoft.public.isa)
  • HELP I am adding a third NIC and having problems
    ... Persistent Routes: ... is the internet network. ... is the new subnet. ... seems to die at the new NIC card on the ISA server. ...
    (microsoft.public.isa.configuration)
  • Help setting up RRAS
    ... configurations including VPN, remote access, and Internet Connection ... DSL Modem connects directly to ISA server. ... ISA connects to production subnet via NIC-PROD. ...
    (microsoft.public.win2000.ras_routing)
  • VPN Clients not able to communicate with network behind ISA Server
    ... I have an ISA Server up and running with the following config: ... My PPTP VPN Clients get an APIPA address from the ISA server. ... external resources on the internet work fine, but the VPN Clients are not ... able to communicate with the servers on the 10.0.0.0/8 subnet. ...
    (microsoft.public.isa.vpn)
  • Re: Routing and RRAS Problem - Pleasehelp
    ... Traffic from your "internal" subnet can get ... out to the Internet by default routing, but the return traffic will fail. ... You need to add an extra route to the Linksys router so that it knows how to ...
    (microsoft.public.windows.server.networking)