Re: Error message (id 14147) occurs everytime a new VPN user conne
- From: EdA <EdA@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 31 Jan 2007 11:29:01 -0800
Thanks Phil.
Is there a way to specify a static IP address that my RRAS server will use
or some other work around to prevent these error messages from getting logged?
"Phillip Windell" wrote:
Look at the last couple of lines in the message.....
Note that this event may be
generated once after you add a route, create a remote site network, or
configure Network Load Balancing and may be safely ignored if it does not
re-occur.
The VPN "adds a route", and may even "create a remote site network",...so as the
error text said,...just ignore it.
--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
The views expressed (as annoying as they are, and as stupid as they sound), are
my own and not those of my employer, or Microsoft, or anyone else associated
with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html
Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc
Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------
"EdA" <EdA@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:7B6B6018-0139-40CF-B48D-5D5758BEFAAA@xxxxxxxxxxxxxxxx
Every time a vpn user connects to my ISA server an Event error is logged.
Here is my setup:
I have setup ISA 2006 on Windows 2003 R2 and setup VPN for client access.
VPN addresses are assigned via DHCP from our internal DHCP server and
internal clients and vpn clients all use the same scope. The RRAS service
picked up the address 192.168.10.112 to use for the RAS server interface. My
internal network was setup prior to implementing VPN and the Internal network
is 192.168.10.0 thru 192.168.10.255.
If I redo my Internet network to not include the .112 address the error is
not logged. But is that really what you have to do in this situation? What
happens if the RRAS server receives a different IP address from DHCP in the
future?
Here is a sample Event Log error entry:
Event Type: Error
Event Source: Microsoft Firewall
Event Category: None
Event ID: 14147
Date: 1/31/2007
Time: 1:12:40 PM
User: N/A
Computer: CCIISASRVR02
Description:
ISA Server detected routes through the network adapter External - Broadcom
NetXtreme Dual Port Gigabit Ethernet Adapter - onboard 2 that do not
correlate with the network to which this network adapter belongs. When
networks are configured correctly, the IP address ranges included in each
array-level network must include all IP addresses that are routable through
its network adapters according to their routing tables. Otherwise valid
packets may be dropped as spoofed. The following ranges are included in the
network's IP address ranges but are not routable through any of the network's
adapters: 192.168.10.112-192.168.10.112;. Note that this event may be
generated once after you add a route, create a remote site network, or
configure Network Load Balancing and may be safely ignored if it does not
re-occur.
- Prev by Date: Re: Disable Windows Messenger through ISA Server 200
- Previous by thread: Re: Disable Windows Messenger through ISA Server 200
- Index(es):
Relevant Pages
|
