Re: WPAD and Manual Proxy server setting for IE (for internal acce

On Jul 26, 2:32 pm, "Phillip Windell" <philwind...@xxxxxxxxxxx> wrote:
It is very simple.
You never ever ever include any other DNS server in the DNS setting of any
machine anywhere on the LAN (including the ISA) that is not your AD/DNS
Server.

i understand this and i agree with you on this.


You do not put the ISP's DNS on the external nic and the AD/DNS on the
intenral Nic. You either put the AD/DNS on both nics or put it on just one
nic and leave the other blank.

im confused with this part. explain this if i connected ext nic
directly to the modem which automatically assigns all settings from
isp inc isp DNS server. do you see what i mean and why im confused.
becuase my ISA is behind the router i can manually assign settings to
my isa ext nic, like you have suggested, but in a real work enviorment
you would connect the ext nic directly to the modem or so i think..

thanks for your time and help. and sorry that i keep asking same
question, im sure with your help penny will soon drop.

thanks


--
Phillip Windellwww.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

"mcp" <zafarhuss...@xxxxxxxxxxxxxxxx> wrote in message

news:1185403652.964218.120360@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx



On Jul 25, 10:27 pm, "Jim Harrison \(ISA SE\)"
<jmh...@xxxxxxxxxxxxxxxxxxxx> wrote:
What Phil says is true for the most part.
The good news is that PSS engineers have been working very hard to
collaborate with ISVs on ISA plug-in issues and will make every
reasonable
effort to keep the ISV engaged.
Of course, the ISA customer needs to have a case open in both directions
(allows both to manage the case properly).
Yes, some efforts have failed, but most succeed in fine style.

--
Jim Harrison (ISA SE)

This posting implies no warranty and confers no
rights.http://catb.org/~esr/faqs/smart-questions.html

"Phillip Windell" <philwind...@xxxxxxxxxxx> wrote in message

news:e8ixNjvzHHA.4712@xxxxxxxxxxxxxxxxxxxxxxx"mcp";
<zafarhuss...@xxxxxxxxxxxxxxxx> wrote in message

news:1185393719.883553.211600@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

dhcp server assigns clients. like i said dhcp scope option has my dns
server as 192.168.0.5, but for some reason clients are picking
10.0.0.1 which is the isa defualt gateway ip. Not all but some
clients.

Ok, I see.
Well something is giving that to them,...they can't just "pick it up" on
their own. They are either statically configureded machines and you just
haven't noticed it,...or their is a second DHCP Service running
somewhere.

Run "ipconfig /all" on those machines so it will list what DHCP Service
it
picked up the settings from.

If it is the correct DHCP then verify that you don't have conflicting
Scope
Options and Server Options. You should use the Server Options for DNS
and
not the Scope Options becuase DNS is global and is the same no matter
what
subnet the client is in.

--
Phillip Windellwww.wandtv.com

The views expressed, are my own and not those of my employer, or
Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule
Processinghttp://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server
2004http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-...

Microsoft Internet Security & Acceleration Server:
Partnershttp://www.microsoft.com/isaserver/partners/default.asp

Microsoft ISA Server Partners: Partner Hardware
Solutionshttp://www.microsoft.com/forefront/edgesecurity/partners/hardwarepart...
-----------------------------------------------------

thanks for your reply Jim, its becoming clear now. i had DHCP enabled
in my firewall/router.

Jim can you please clear some points about two nic cards. Phil has
explained but need more clarification.

internal Nic, i have ip address, subnet, NO defualt gateway, for DNS
do i have to put my domain internal DNS server ip, or nothing??
external Nic, i have ip address, subnet, defualt gateway, for DNS do i
put my internal domain DNS server ip or what?? im not connected
directly to the modem, im behind a router, and the router is connected
to the modem. so in theory i have another network..if you see what i
mean..

im a bit confused with these settings.

also do you have any clues as toWPADdoes not work automatically on
firewall client, manually it detect fine.

thanks for your help guys..- Hide quoted text -

- Show quoted text -


.

Relevant Pages

  • Re: Isa Server 2006
    ... the only one with two nics. ... machine that is not the ISA SERVER?? ... Get rid of the DSL box and physically replace it with the ISA ... DNS & WINS 192.168.1.1 ...
    (microsoft.public.isaserver)
  • Re: DNS service Failure Error 6
    ... The DNS ... In the DNS server Forwarders have been ... cards thru the registry. ... Suggestions, and keep in mind, when mentioning "other NICs", they are the ...
    (microsoft.public.win2000.dns)
  • Re: WPAD and Manual Proxy server setting for IE (for internal acce
    ... DNS entry. ... machine anywhere on the LAN (including the ISA) that is not your AD/DNS ... You either put the AD/DNS on both nics or put it on just ... isp inc isp DNS server. ...
    (microsoft.public.isa)
  • Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error
    ... >> for MS networks was bound to both the internal and external NICs. ... > How is the internal DNS resolving external names with out a gateway? ... > pick up the loopback address or use DHCP to get the DNS server. ...
    (microsoft.public.win2000.networking)
  • Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error
    ... >> for MS networks was bound to both the internal and external NICs. ... > How is the internal DNS resolving external names with out a gateway? ... > pick up the loopback address or use DHCP to get the DNS server. ...
    (microsoft.public.win2000.dns)