Re: ISA Server detected routes - Event 14147

Tech-Archive recommends: Fix windows errors by optimizing your registry

---

• From: "Ori Yosefi [MSFT]" <oriy@xxxxxxxxxxxxxxxxxxxx>
• Date: Sat, 24 Jun 2006 18:18:47 +0300

---

Can you please do "route print" in a command window and post the output
here? I will try to see why ISA says that 10.255.255.255 is associated with
the WAN adapter. Please also note that you have a PPP adapter with an
address of 10.0.0.29 called WAN. Maybe this adapter is the culprit.

Ori.
--
Please do not send email directly to this alias. This alias is for newsgroup
purposes only.This posting is provided "AS IS" with no warranties, and
confers no rights.
"Ifstat" <Ifstat@xxxxxxxxxxxxx> wrote in message
news:4A0BEB01-35B2-43AB-874B-B7C582E81C6C@xxxxxxxxxxxxxxxx

Ori, where is this done?
The "WAN" NIC is associated with External connection on the ISA
192.168.1.2
The "LAN" NIC is associated with the Internal network connection 10.0.0.10

Are you saying that the LAN and WAN should both be in the 10.0.0.x
segment?
The subnect mask is the same for both 255.255.255.0 they were previously
different
255.255.255.0 - Internal NIC
255.255.255.248 - External NIC

Please provide me with your recommendation

"Ori Yosefi [MSFT]" wrote:

The routing table on your computer says that address 10.255.255.255
(broadcast address) would go out of the WAN NIC. ISA configuration,
however,
does not have 10.255.255.255 associated with the same network (e.g.
external).

I think that in the case of a broadcast address you can usually ignore
this
alert, although the best thing to do would be to add 10.255.255.255 to
the
network that WAN is assocuated with.

HTH,
Ori.

--
Please do not send email directly to this alias. This alias is for
newsgroup
purposes only.This posting is provided "AS IS" with no warranties, and
confers no rights.
"Ifstat" <Ifstat@xxxxxxxxxxxxx> wrote in message
news:C5305A36-F6D5-47BE-9464-298D23407A3A@xxxxxxxxxxxxxxxx

Hi,
Could some please help me uderstand this error and find the solution. I
have
read the article at ISA.org, but still struggling?
I have attached my network configuration, obivously some minor details
have
been altered.

Event Type: Error
Event Source: Microsoft Firewall
Event Category: None
Event ID: 14147
Date: 6/22/2006
Time: 10:29:25 AM
User: N/A
Computer: OCECPRISA
Description:
ISA Server detected routes through adapter WAN that do not correlate
with
the network
element to which this adapter belongs. For best practice, the address
range
of an ISA
Server network should match the address ranges routable through the
associated network
adapter as defined in the routing table. Otherwise valid packets may be
dropped as spoofed.
(This alert may occur momentarily when you create a remote site
network.
You
may safely ignore
this message if it does not reoccur.)
The address ranges in conflict are: 10.255.255.255-10.255.255.255;.

Windows IP Configuration
Host Name . . . . . . . . . . . . : isa
Primary Dns Suffix . . . . . . . : mydomain.com.cy
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : mydomain.com.cy

com.cy

PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . :

WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : *Removed*
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.29
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :

Ethernet adapter LAN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . :
Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : *Removed*
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.0.0.4

Ethernet adapter WAN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/100 Network Connection
Physical Address. . . . . . . . . : *Removed*
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1

IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface

0x10002 ...*Removed* ...... WAN (PPP/SLIP) Interface

0x10003 ...*Removed* ...... Intel(R) PRO/1000 MT Network Connection

0x10004 ...*Removed* ...... Intel(R) PRO/100 Network Connection

===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface
Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2
30
10.0.0.0 255.255.255.0 10.0.0.10 10.0.0.10
10
10.0.0.10 255.255.255.255 127.0.0.1 127.0.0.1
10
10.0.0.26 255.255.255.255 10.0.0.29 10.0.0.29
1
10.0.0.29 255.255.255.255 127.0.0.1 127.0.0.1
50
10.255.255.255 255.255.255.255 10.0.0.10 10.0.0.10
10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
1
192.168.1.0 255.255.255.0 192.168.1.2 192.168.1.2
30
192.168.1.2 255.255.255.255 127.0.0.1 127.0.0.1
30
192.168.1.255 255.255.255.255 192.168.1.2 192.168.1.2
30
218.x.x.x 255.255.255.255 192.168.1.1 192.168.1.2 30
224.0.0.0 240.0.0.0 10.0.0.10 10.0.0.10
10
224.0.0.0 240.0.0.0 192.168.1.2 192.168.1.2
30
255.255.255.255 255.255.255.255 10.0.0.10 10.0.0.10
1
255.255.255.255 255.255.255.255 192.168.1.2 192.168.1.2
1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None

.

---

• Follow-Ups:
  • Re: ISA Server detected routes - Event 14147
    • From: Ori Yosefi [MSFT]

• References:
  • ISA Server detected routes - Event 14147
    • From: Ifstat
  • Re: ISA Server detected routes - Event 14147
    • From: Ori Yosefi [MSFT]
  • Re: ISA Server detected routes - Event 14147
    • From: Ifstat

• Prev by Date: Re: Question and help
• Next by Date: Re: Application Event Log messages, Event ID 14064, on ISA 2004 Server
• Previous by thread: Re: ISA Server detected routes - Event 14147
• Next by thread: Re: ISA Server detected routes - Event 14147
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: VPN, routing problem with ISA2004 ... In the office that run SBS2000, what version of ISA is installed? ... > correlate with the network element to which this adapter belongs. ... the address range of an ISA Server network should match the address ... (microsoft.public.isa.vpn) ISA frequently drop VPN client with event id:14147 ... Intenal (is config correct on ISA range ... Ethernet adapter Local Area Connection: ... ISA Server detected routes through the network adapter Local Area ... IP address ranges included in each array-level network must include ... (microsoft.public.isa) Re: ISA Server detected routes - Event 14147 ... Another option I can think of is if the internal network was manually ... with the WAN adapter. ... address of 10.0.0.29 called WAN. ... Connection-specific DNS Suffix. ... (microsoft.public.isa) Re: ISA Server detected routes - Event 14147 ... does not have 10.255.255.255 associated with the same network (e.g. ... network that WAN is assocuated with. ... I have attached my network configuration, ... element to which this adapter belongs. ... (microsoft.public.isa) Re: ISA Configuration Issue ... from the routing table. ... ISA Server detected routes through adapter Local Network Interface that do ... (microsoft.public.isaserver)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > ISA  > microsoft.public.isa  > 2006-06