Proxy chain loop errors
- From: "Jim H" <jimh@xxxxxxxxxxxxx>
- Date: Sun, 11 May 2008 18:55:00 -0400
I am getting these errors from my ISA2004 server.
ISA Server detected a proxy chain loop. There is a problem with the
configuration of the ISA Server routing policy.
I have one ISA Server on a small network. The error is happening because I
have 2 external network cards that both have gateway settings. One is a
cable ISP and one is DSL. I'm not trying to do load balancing or have some
users go out through the cable modem and others through the DSL modem or
anything like that. It's just redundancy/availability. I have a mail
server published and I have the DNS (outside service) setup with 2 MX
records. One for the cable IP and one for the DSL IP, this way if one goes
down the other should be available. Also my network can still access the
internet if one of the ISPs goes down. It doesn't need to be automatic, I
can go and disable the NIC for the ISP that's down if necessary. But I
think dead gateway detection should make everything work without me doing
anything. The second external NIC must have a gateway assigned or outside
mail servers will not be able to make SMTP connections to that IP. It's not
like I can setup a route for every mail server out there.
A lot of what I've been reading has been saying that windows doesn't support
multiple gateways so ISA doesn't either. But that's not entirely true.
Windows does support multiple gateways and does dead gateway detection.
What windows won't do is know if a packet should go out on gateway A or
gateway B. What windows will do is send all packets out on the default
gateway (the one on the NIC listed first in network advanced setting
(adapters and bindings). If that gateway is down it will try the next
gateway in the list which has a default entry in the routing table. That
will now be the new default gateway until something happens to that gateway.
I'm not trying to control which gateway they go out on. I don't really care
which NIC the internet packets go out on as long as they go out.
I think I have everything setup correctly. Everything works fine, but after
a couple days I started getting these warnings sporadically. Looking at the
ISA server logs, the times of the warnings correspond to http requests
(antivirus updating itself) that are going out on NIC B instead of NIC A. I
don't know why this would happen unless the cable modem lost its connection,
but again, it doesn't really matter since both NICs send the packets out.
In my case, can I ignore these warnings?
Sorry for the long post, I thought the details were important.
Thanks in advance,
jim
.
- Follow-Ups:
- Re: Proxy chain loop errors
- From: Jim Harrison \(ISA SE\)
- Re: Proxy chain loop errors
- Prev by Date: Re: problem with dhcp sever
- Next by Date: problem with dhcp sever
- Previous by thread: isa server intermittent connection
- Next by thread: Re: Proxy chain loop errors
- Index(es):
Relevant Pages
|
