Re: Cannot Use LAN IP Addresses
From: A.Klimkin (aklimkin)
Date: 11/19/04
- Next message: Sam: "Re: Subnet of the IP I get is wrong"
- Previous message: Jim Harrison [MSFT]: "Re: Subnet of the IP I get is wrong"
- In reply to: Phillip Windell: "Re: Cannot Use LAN IP Addresses"
- Next in thread: Phillip Windell: "Re: Cannot Use LAN IP Addresses"
- Reply: Phillip Windell: "Re: Cannot Use LAN IP Addresses"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 19 Nov 2004 11:10:40 +0300
You're right, Phillip.
I believe it's a serious bug in firewall client/ISA2004 because there are
some cases when you're not able to use netbios or dns names in the url
string (like script-generated urls, for example).
I think it can be fixed by allowing firewall clients to resolve names by
their own, rather than by firewall service. But I can't find the appropriate
configuration option. Does anyone know if there is some registry value?
Regards,
Andrew
"Phillip Windell" <@.> wrote in message
news:eTw7INczEHA.1204@TK2MSFTNGP10.phx.gbl...
> Ah! I saw this right after I sent my other post,...check it out....(hehe).
>
> It is seeing the "dots" in the IP# and treating it as a FQDN (treats the
> numbers as if they were letters). It then trys to process it that way and
> creates a mess.
>
> Keep in mind that *all* FQDNs are *assumed* to be out on the Internet
until
> after they are resolved to an IP#,...so they always are proccessed by the
> proxying service. Once they are resolved and determined to be on the
Private
> side of the LAN the "proxying services" bail out and let it transit to the
> destination directly. If it improperly interprets the IP# in the URL to be
a
> FQDN instead,...well the problem becomes obvious.
>
> MS Exchange and the IIS SMTP Service will also do this and require that a
> raw IP# be enclosed in [ ] such as, [192.168.1.3] to indicate that they
> are simply a raw IP# and not a FQDN. But I doubt that would work with ISA
if
> you did that in the browser's address bar.
>
> Unfortunately, I'm not sure what causes it and I have no idea where the
> problem is happening either to even know what to blame.
>
> --
>
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
>
>
> "Cyskon" <cyskon@msn.com> wrote in message
> news:OMqoxjZzEHA.3028@TK2MSFTNGP10.phx.gbl...
> > I should also let you know that, if I type in the NetBIOS name for the
> > resource I can get access to it, but NOT via the IP address.
> >
> > "Cyskon" <cyskon@msn.com> wrote in message
> > news:#zeJ$hLzEHA.260@TK2MSFTNGP11.phx.gbl...
> > > Hello Newsgroup,
> > >
> > > Here's my problem. My test workstations that I have installed the FWC
on
> > > cannot access other machines on the network using their IP address.
> > >
> > > I have a few web servers within my network that I access at times
using
> > the
> > > local IP address of the machine. Now I am unable to do this.
> > >
> > > Can someone tell me why and how to resolve the issue?
> > >
> > > Thanks
> > >
> > >
> >
> >
>
>
- Next message: Sam: "Re: Subnet of the IP I get is wrong"
- Previous message: Jim Harrison [MSFT]: "Re: Subnet of the IP I get is wrong"
- In reply to: Phillip Windell: "Re: Cannot Use LAN IP Addresses"
- Next in thread: Phillip Windell: "Re: Cannot Use LAN IP Addresses"
- Reply: Phillip Windell: "Re: Cannot Use LAN IP Addresses"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
