Re: HTTP trouble in 2004

From: Mark Renoden [MSFT] (markreno_at_online.microsoft.com)
Date: 03/04/05 

Date: Fri, 4 Mar 2005 15:10:57 +1100

Hi Perry

You can use the Logging tab under Monitoring to start a query and watch
which rules fire when you attempt a ping. If you've got the default Deny
rule last and you get all the way past your other rules, you know there's
something about those rules which prevent them from being validated and
allowing the connection.

HTH 

-- 
Mark Renoden [MSFT]
Windows Platform Support Team
Email: markreno@online.microsoft.com
Please note you'll need to strip ".online" from my email address to email 
me; I'll post a response back to the group.
This posting is provided "AS IS" with no warranties, and confers no rights.
"Perry Rutter" <prutter@lutzcpa.com> wrote in message 
news:ehqsg0EIFHA.236@TK2MSFTNGP14.phx.gbl...
> Mark,
>
> I made the access policies and still no good.  I get an error code 11002:
> host not found message.  The gateway could not find an authorative DNS
> server or the website you are trying to reach.  The funny part that I 
> don't
> understand is why can't I ping the public address of the DC.  I have a 
> rule
> setupfor ping and still can't.  Any ideas?
>
> Perry
>
> "Mark Renoden [MSFT]" <markreno@online.microsoft.com> wrote in message
> news:eq%23vYCEIFHA.2744@tk2msftngp13.phx.gbl...
>> Hi Perry
>>
>> I think you're going to need to set up access policies between "Local
> Host"
>> and "Internal" so that the machine can function as a DC.  I realise 
>> you've
>> probably done this to minimise the hardware cost but it's probably better
>> separating the DC role from the ISA Server role.
>>
>> HTH
>> -- 
>> Mark Renoden [MSFT]
>> Windows Platform Support Team
>> Email: markreno@online.microsoft.com
>>
>> Please note you'll need to strip ".online" from my email address to email
>> me; I'll post a response back to the group.
>>
>> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>>
>> "Perry Rutter" <prutter@lutzcpa.com> wrote in message
>> news:uQEK%23eDIFHA.3612@TK2MSFTNGP09.phx.gbl...
>> >I appear to be an ISA dummy and have a small problem.  I'm setting up a
>> > small test network with a DC and a workstation.  I have ISA 2004
> installed
>> > on this DC with 2 nics (int = 192.168.2.2 and ext = 216.?.?.?). The
>> > external
>> > nic is  connected to my DMZ.  Everything appears to be setup correctly,
> i
>> > think.  I was having a DNS isue that prevented my workstaion from
> joining
>> > the domain but that is fixed.  I have the DC as the DNS server and the
> ISA
>> > server.  My nics are setup with teh DC being the DNS server and my IE
>> > poits
>> > to the proxy setting of the DC.  As it stands now the error i get is
> Error
>> > Code 502.  Proxy error and I can't get any internet traffic.  I have 
>> > teh
>> > rules setup and they are setup from the ISA getting started guide.  Can
>> > anyone get me pointed in the right direction?  Thanks.
>> >
>> > Perry
>> >
>> >
>>
>>
>
>