Re: DHCP Inside / Outside



"Scott Ford" <removethis.scott@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:607D86DA-AB4E-4C5D-A75F-69C894D7F077@xxxxxxxxxxxxxxxx
Thanks for the reply Herb. I do not have a DHCP relay installed in the ISA
config. I do have Routing and Remote access enabled and a VPN client can get
an IP address in the 10.0.x.x range.

Relay Agent is an element (only one of many) of RRAS.

RRAS and ISA are antagonistic to each other in many
ways and having them both enabled MAY (not always,
depends on the specific features) cause interference
which includes strange behavior.

Could this be allowing ISA to broadcast
DHCP requests back to the external interface? I have a friend who feels like
it could, so during the night I will try shutting down R&RA to see if an
internal client can still get an external address. I can't find anything else
on the ISA server that could be broadcasting bridged DHCP requests.

I personally have a love/hate relationship with ISA,
otherwise I would probably be an ISA MVP too.

ISA is a fantastic product in theory, but has shown
too many inconsistencies and strange dependencies
to make me comfortable -- I do run it on some machines
but have a lot of trouble recommending it wholeheartedly
and find it problematic to troubleshoot due
to its erratic and unpredictable behavior at times.


--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

--
Scott Ford
Information Services
Starlite Entertainment


"Herb Martin" wrote:

"Scott Ford" <removethis.scott@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:EB7BE3A1-7035-4DA3-93F8-6C7934D7397D@xxxxxxxxxxxxxxxx
I have a Windows 2K ISA server as a gateway. It's set up standard with an
inside and an outside NIC. Inside is on 10.0.x.x range. Outside NIC IP range
is 192.168.1.x. I want to put a wireless access point on the outside range
and have my router serving DHCP to 192.168.1.x ... I would like this to NOT
interfere with the DHCP server I have on the inside range that is serving
DHCP to 10.0.x.x ... I have tried this a couple times, but always find
clients on the inside still receive IP addresses in the 192 range.

That should never happen in DHCP (it could be some weird
issue with ISA but I doubt it; you can ask about that on the ISA
newsgroup.)

A DHCP server should ONLY hand out IP addresses for the
scope(s) which match its NICs (if directly connected to the
requesting clients) AND to the scopes which match remote
subnets if forwarded by a DHCP relay or Bootp forwarder.

There is no reason a basic DHCP server would ever hand
out 192.x scope addresses on its 10.net NIC or vice versa.


I have
tried blocking UDP ports 67 and 68 at the ISA server, but it isn't stopping
the problem. What's the best solution for this?

Make sure the ISA is not acting as a DHCP relay or
BootP forwarder but it should NOT be doing that
as a DHCP server cannot also be a forwarder (in the
docs that I have read, but of course I have never
tried it since it makes no sense.)

Does ISA think that 192.168 machines are INTERNAL or
EXTERNAL? (As described it sounds like they should
NOT be internally defined.)

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

--
Scott Ford
Information Services
Starlite Entertainment
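
A way to see which server is answering inside clients, added here as an example and not part of the original thread: the Python below parses a DHCP reply captured on the inside segment and reports any OFFER or ACK that leases an address outside the inside scope, along with the answering server's identifier (option 54) and whether a relay was involved (non-zero giaddr). The /16 mask for 10.0.x.x, the sample addresses and the build_reply helper are assumptions constructed for the demonstration.

```python
import ipaddress
import struct

INSIDE_SCOPE = ipaddress.ip_network("10.0.0.0/16")  # assumed mask for the thread's 10.0.x.x
MAGIC = b"\x63\x82\x53\x63"                         # DHCP magic cookie at offset 236
OFFER, ACK = 2, 5                                   # option 53 message types

def parse_reply(payload):
    """Return (op, msg_type, yiaddr, giaddr, server_id) from a DHCP UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    yiaddr = ipaddress.ip_address(payload[16:20])   # address being leased
    giaddr = ipaddress.ip_address(payload[24:28])   # non-zero only when relayed
    msg_type = server_id = None
    i = 240
    while i < len(payload) and payload[i] != 255:   # 255 = end option
        if payload[i] == 0:                         # 0 = pad, no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        data = payload[i + 2:i + 2 + length]
        if len(data) != length:
            raise ValueError("truncated option")
        if code == 53 and length == 1:
            msg_type = data[0]
        elif code == 54 and length == 4:            # server identifier
            server_id = ipaddress.ip_address(data)
        i += 2 + length
    return payload[0], msg_type, yiaddr, giaddr, server_id

def foreign_lease(payload, scope=INSIDE_SCOPE):
    """Report an OFFER/ACK that leases an address outside `scope`, else None."""
    op, msg_type, yiaddr, giaddr, server_id = parse_reply(payload)
    if op != 2 or msg_type not in (OFFER, ACK) or yiaddr in scope:
        return None
    return {"yiaddr": str(yiaddr),
            "server_id": str(server_id) if server_id is not None else None,
            "relayed": int(giaddr) != 0}

def build_reply(msg_type, yiaddr, server_id, giaddr="0.0.0.0"):
    """Constructed sample BOOTREPLY for the demo; not captured traffic."""
    pack = lambda a: ipaddress.ip_address(a).packed
    fixed = struct.pack("!BBBBIHH", 2, 1, 6, 0, 0x1234, 0, 0)
    fixed += bytes(4) + pack(yiaddr) + bytes(4) + pack(giaddr) + bytes(208)
    return fixed + MAGIC + bytes([53, 1, msg_type, 54, 4]) + pack(server_id) + b"\xff"
```

A reply flagged with "relayed": False came from a server on the same broadcast domain as the client, which points at bridging between the two segments rather than at a relay agent.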




