Re: Internet Intermittent Connection
- From: "Mohammed A. Raslan" <m_raslan@xxxxxxxxxxxxxxxxx>
- Date: Fri, 13 Oct 2006 04:35:36 +0300
Your welcome,
I'm glad its working fine now :)
yours trully,
Mohammed A. Raslan
"Access Lover" <AccessLover@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:FD24CD4F-3DBC-4903-AC51-A14AD7E49F4A@xxxxxxxxxxxxxxxx
Mohammed you are the best!
The Intermittent problem is gone. Its been up for more than 3 days now. I
thank you very much for your help.
Keep on helping people on the Discussion boards. You have the expertise
for
it.
"Mohammed A. Raslan" wrote:
I hope so,
its normal that the 1414x errors appear in your log but they should
appear
only once, and that should be around the time the ISA services start. but
after that it should not appear in your log.
Just run with the current configuration for a while and see what will
happen.
Regards,
Mohammed A. Raslan
"Access Lover" <AccessLover@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:FDDDAFCD-AD8A-456C-AA75-132C6E9C469E@xxxxxxxxxxxxxxxx
I took out the GW of my Internal card as you requested and I now only
see 1
line with 0.0.0.0
What is also interesting is the 14147 error messages now says at the
bottom:
The address ranges in conflict are: 192.168.100.0-192.168.100.0
It does not show a huge list of addresses as it showed before this
change.
I can tell we are getting closer to a solution :-)
"Mohammed A. Raslan" wrote:
okay try this,
First open your internal NIC TCP/IP properties and remove the default
gateway from it, leave only the external default gateway on the
external
NIC, restart the ISA server and try.
After you restart open a command prompt window and type "route print"
confirm that you have only 1 line starting with 0.0.0.0 0.0.0.0 not 2
lines
waiting for your reply
Regards,
Mohammed A. Raslan
"Access Lover" <AccessLover@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:4ADDDD1C-93D3-4911-A424-C83A9077616A@xxxxxxxxxxxxxxxx
First of all, Here are my IPs for the network:
Internal Network: 192.168.100.1 - 192.168.100.255
ISA Internal NIC: 192.168.100.1
ISA External NIC: 192.168.1.100
Modem Internal: 192.168.1.254
Modem External: Public IP Address
Please read my comments below and thanks a lot for the help, I feel
we
are
getting closer.
"Mohammed A. Raslan" wrote:
Ok it looks like there is something wrong with your ISA server
configuration. First of all double check the "Internal" Network and
make
sure it only contains your internal IP range (The entire internal
range
which must include the IP of the ISA NIC connected to the internal
LAN),
don't add the private address (10.x.x.x, 172.16.x.x - 172.31.x.x,
192.168.x.x) for the moment, just your internal lan addresses only.
one
thing that can help is to open the "Internal" network properties
and
on
the
"Addresses" tab, instead of adding address, use the add adapter
option,
which should only select your internal network range, you then
should
add
any other networks and remove any additional ranges if they are
added.
The range on the Internal Network defined in ISA is 192.168.100.1 -
192.168.100.255, I did not do any changes to this setting as it
seems
fine.
I should also mention that the external NIC is actually the built-in
NIC
where is the Netgear NIC I added is used as the internal NIC. Would
this
be a
problem?
Second, double check the ISA server routing table, make sure that
all
routes
to the internal networks are going trough the internal NIC, and all
"other"
networks which should be external to ISA are going through the
external
ISA
NIC. use the "route print" command to check this.
Boy, this is one area I don't have much experience in. The routing
table
is
as follows:
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface
Metric
0.0.0.0 0.0.0.0 192.168.1.100 192.168.100.1
1
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.100
1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
1
192.168.1.0 255.255.255.0 192.168.1.100 192.168.1.100
1
192.168.1.100 255.255.255.255 127.0.0.1 127.0.0.1
1
192.168.1.255 255.255.255.255 192.168.1.100 192.168.1.100
1
192.168.100.0 255.255.255.0 192.168.100.1 192.168.100.1
1
192.168.100.1 255.255.255.255 127.0.0.1 127.0.0.1
1
192.168.100.255 255.255.255.255 192.168.100.1 192.168.100.1
1
224.0.0.0 224.0.0.0 192.168.1.100 192.168.1.100
1
224.0.0.0 224.0.0.0 192.168.100.1 192.168.100.1
1
255.255.255.255 255.255.255.255 192.168.1.100 192.168.1.100
1
Default Gateway: 192.168.1.254
===========================================================================
Does that look right? If not, how can I adjust it?
Third, do you have any VPN site to site networks? if you have any
other
defind networks other that the default networks, try for the moment
to
delete them. only keep the defualt networks, or double check that
they
are
correct. and going through the correct interfaces.
I don't have any VPNs, so we don't have to worry about that.
Finally, make sure that if your DSL modem is NATting to the
internet
that
the network between the Modem internal interface and the ISA
external
interface is not included in the "Internal" network in ISA
As you can see, the Internal network is defined as: 192.168.100.1 -
192.168.100.255
The ISA external NIC is directly connected to the modem Internal
NIC.
Regarding connecting a single client and checking the ISA
configuration,
you
said nothing changed, just want to make sure that you mean the
problem
still
exists.
That's correct, the problem still exists.
waiting for you reply.
Regards,
Mohammed A. Raslan
"Access Lover" <AccessLover@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:8C7A812F-E045-4C0B-A7FC-1EA35674A43C@xxxxxxxxxxxxxxxx
Thank you for the reply and sorry about the missing info.
I am running ISA 2004 Basic SP2 on Win2K Server SP4 and all
clients
are
WinXP Pro SP2. I tried to connect only one client through ISA,
but
nothing
changed. But I did notice these errors all over the Event Viewer
Application
Log and I am not sure if it is relevant to this problem or not:
Warning-Event ID 14141
"ISA Server detected a proxy chain loop. There is a problem with
the
configuration of the ISA Server routing policy."
Error-Event ID 14147
"ISA Server detected routes through adapter NETGEAR FA311/FA312
PCI
Adapter
that do not correlate with the network element to which this
adapter
belongs.
For best practice, the address range of an ISA Server network
should
match
the address ranges routable through the associated network
adapter
as
defined
in the routing table. Otherwise valid packets may be dropped as
spoofed.
(This alert may occur momentarily when you create a remote site
network.
You
may safely ignore this message if it does not reoccur.) The
address
ranges
in conflict are:
0.0.0.1-126.255.255.255;128.0.0.0-192.168.0.255;192.168.2.0-192.168.99.255;192.168.101.0-223.255.255.255;.
"
Error-Event ID 14147
ISA Server detected routes through adapter NDIS 5.0 driver that
do
not
correlate with the network element to which this adapter belongs.
For
best
practice, the address range of an ISA Server network should match
the
address
ranges routable through the associated network adapter as defined
in
the
routing table. Otherwise valid packets may be dropped as spoofed.
(This
alert
may occur momentarily when you create a remote site network. You
may
safely
ignore this message if it does not reoccur.) The address ranges
in
conflict
are:
0.0.0.1-126.255.255.255;128.0.0.0-192.168.0.255;192.168.2.0-192.168.99.255;192.168.101.0-223.255.255.255;.
Thanks you
"Mohammed A. Raslan" wrote:
What version of ISA do you work with?
I guess its ISA 2000.
Anyway most probably its some on the LAN that has a spyware or
infected
by a
virus that is flooding the ISA server with packets ore requests.
Try to monitor your clients, try isolating some clients and
check
how
the
server will react. Put some restrictive rules on the clients
access
to
the
internet.
Make sure that your ISA Server OS and ISA Server software are a
the
latest
serivce pack and host fixes.
Try to send more details such as the verison of ISA and the OS
you
have.
Hope this helps
Regards,
Mohammed A .Raslan
"Access Lover" <AccessLover@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:563CF870-9993-4710-A340-8C2C3712D4B7@xxxxxxxxxxxxxxxx
Hello,
I have an intermittent Internet connection that has been going
on
for
the
past 6 months and you can imagine what kind of chaos it has
done.
The problem is summed up as follows which could have a simple
solution,
only
I don't know about it:
The Physical Connection:
We have a DSL line that is connected to a DSL modem with two
ports.
One
port
is for the DSL line (RJ11) and the other port is going to our
ISA
server
(RJ45). The ISA server has two network cards. One card as
mentioned
is
connected to the DSL modem, while the other one is going to
the
private
network. NAT with Private IP addresses are implemented on the
network.
The Problem:
Connection to the Internet is ok on the ISA server as well as
the
rest
of
the network...just for a while.
The ISA server (as well as the whole network) looses Internet
connection
intermittently after a couple of hours, 6 hours or one day. It
varies,
but
.
- References:
- Re: Internet Intermittent Connection
- From: Mohammed A. Raslan
- Re: Internet Intermittent Connection
- From: Access Lover
- Re: Internet Intermittent Connection
- From: Mohammed A. Raslan
- Re: Internet Intermittent Connection
- From: Access Lover
- Re: Internet Intermittent Connection
- From: Mohammed A. Raslan
- Re: Internet Intermittent Connection
- From: Access Lover
- Re: Internet Intermittent Connection
- From: Mohammed A. Raslan
- Re: Internet Intermittent Connection
- From: Access Lover
- Re: Internet Intermittent Connection
- Prev by Date: Re: Blocking Internet Access?
- Next by Date: Automating Periodic Backup of ISA Configuration?
- Previous by thread: Re: Internet Intermittent Connection
- Next by thread: Antigen SMTP
- Index(es):
Relevant Pages
|
