RE: Load Balance Error Message

Tech-Archive recommends: Fix windows errors by optimizing your registry

Under Configuration --> Networks --> Network Rules, did u create a "Route"
relationship between Internal and External networks?

Firstly, creating a "Route" between external and internal networks is a
not-so-good idea.

Secondly, if you can't live without the "Route", then you need to load
balance your external network. If you can't loadbalance your external
network, then you have to live with the error :).

For ISA networking best practices, see:
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/bp_networks.mspx

--
Shijaz
MCSE:Security, CCNA
www.shijaz.com/isaserver


"Henri" wrote:

Hello,
i have problems in my ISA Array, below my config.

ISA Server 2006 Ent (previously ISA server 2004, same error message did
appear (listed below).
Multi Server Array (2 Servers)
Internal 172.16.1.0/24
DMZ 10.10.10.0/24
Array communication 192.168.249.0/24
External 195.35.xxx.xxx (ISA #1) / 82.92.xxx.xxx (ISA #2)

Internal network is load balanced
DMZ network is also load balanced,
External network is NOT Load balanced because this are 2 different DSL lines

Network rules:
- Route rule between Perimeter and internal
- Nat rule beteen external and internal/perimeter
Everything works fine, but i want to get rid of this annoying message below,
anyone ideas?
If i read the error message, it looks like the problem is related that i
load balance my internal and not my external network?
Error Message:
i have an reoccuring error message in the application log, the error is also
logged in the alers section of the dashboard.

Event ID 21215:
An inconsistency in the Network Load Balancing (NLB) configuration may
result in inconsistent handling of traffic between the Internal network
and the External network. When a network rule specifying a route
relationship is defined between two networks, NLB must be enabled (or
disabled)
on both networks. To enable NLB for IPsec remote site networks, enable NLB
on the network containing the local tunnel endpoint.
To enable NLB for VPN site-to-site and VPN client networks, enable NLB on
the selected access networks.
Alternatively, for the VPN Client network, you can designate a router for
routing traffic according to the static address pool.

Regards Henri



.

Relevant Pages

  • Re: Load Balance Error Message
    ... as described below that is a nat rule (Nat rule beteen internal ... External network is NOT Load balanced because this are 2 different DSL ... creating a "Route" between external and internal networks is a ... Nat rule beteen external and internal/perimeter ...
    (microsoft.public.isa.enterprise)
  • Re: How is DNS resolution working?
    ... >> and our DNS server on machine B is only on a private network, ... host on the external network ... It just happens that on the external network, there is a Windows domain ...
    (microsoft.public.win2000.dns)
  • Re: How is DNS resolution working?
    ... >> and our DNS server on machine B is only on a private network, ... host on the external network ... It just happens that on the external network, there is a Windows domain ...
    (microsoft.public.win2000.networking)
  • Re: 3rd leg DMZ with real IPs
    ... > Could anyone explain me how to configure ISA2004 network interfaces if I> want to achieve the following scenario:> I have got to different IP address> blocks allocated from my ISP. ... > I want to allocate one address block to the external ISA interface, and> another address block to the 3rd leg DMZ network, while my internal network> will be configured with private adresses. ... > I have created "Perimeter" network object and established route relations> between perimeter and external neworks. ... Finally I have added access rule> allowed all outbound IP traffic from the perimeter to the external network. ...
    (microsoft.public.isa)
  • RE: WIN2003 server and SBS2000 AD/DC
    ... First of all, I would confirm your network diagram, is it like follow? ... DMZ as the external network) on the SBS. ... Publish an Internal Web Server Through Microsoft ISA Server 2000 ... Microsoft - Server publishing rules and IP packet filters ...
    (microsoft.public.windows.server.sbs)