Re: SBS2003 ISA Server cannot access www.microsoft.com
From: Les Connor [SBS MVP] (les.connor_at_DEL.cfive.ca)
Date: 05/13/04
- Next message: Les Connor [SBS MVP]: "Re: OWA Loading"
- Previous message: William Smith: "Re: Unistalling ISA and Mac OS X"
- In reply to: Grant Morgan: "SBS2003 ISA Server cannot access www.microsoft.com"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 12 May 2004 22:18:19 -0500
See if this is the issue, Grant. (applies to upgrades)
Run the command:
dnscmd /Config /EnableEDnsProbes 0
This will disable EDNS queries (which allow for UDP packet > 512 bytes,
which some DNS servers may simply be dropping). If this doesn't fix the
problem, you can re-enable EDNS with the command:
dnscmd /Config /EnableEDnsProbes 0
If it works, then you can read some more in kb articles that MSNewbie posted
(thanks!)
-- Les Connor [SBS MVP] ------------------------------------- SBS Rocks ! "Grant Morgan" <grant@storeline.com.au> wrote in message news:ujDsuYJOEHA.3492@TK2MSFTNGP10.phx.gbl... > I am a long time user of SBS2000, and recently upgraded to SBS2003 Premium > > SERVER: Dell Poweredge Xeon 2400 1024Mb Ram, 3 x mirrored 18gb SCSI (6 > drives total), Intel Gigabit NIC (running at 100Mb/s), Netcomm ADSL router > with UPNP > > SOFTWARE: SBS 2003 premium using ISA2000 as firewall - ICW Run Successfully. > Using POP3 connector (ie. we don't host our own domain) > > CLIENTS: Win XP Pro SP1 running MS Firewall Client + IE 6 SP2 > > Since the upgrade, no machine on the network can access www.microsoft.com or > www.symantec.com. Can access windowsupdate, msdn, technet, support site, but > nothing starting with www.microsoft.com (or go.microsoft.com) or > www.symantec.com. > > If I disconnect the server and plug a laptop straight into the router, there > is no problem in accessing these sites. > > There is a INET 11004 error recorded in the Web Proxy log. > > Dumps from log and NSLookup appear below... > > HELP! > > Thanks > > > Line from Web Proxy Log: > ======================== > 192.168.16.58, STORELINE\MyUserName, Mozilla/4.0 (compatible; MSIE 6.0; > Windows NT 5.1; .NET CLR 1.1.4322), Y, 5/13/2004, 9:20:19, w3proxy, > SERVER, -, www.microsoft.com, -, 80, 23203, 484, 0, http, TCP, GET, > http://www.microsoft.com/, -, Inet, 11004, 0x0, Small Business Internet > Access Protocol Rule, Allow rule > > > NSLookup with debug option: > =========================== > Default Server: server.MyCompanyName.local > Address: 192.168.16.2 > > > set debug > > microsoft.com > Server: server.MyCompanyName.local > Address: 192.168.16.2 > > ------------ > Got answer: > HEADER: > opcode = QUERY, id = 2, rcode = NXDOMAIN > header flags: response, auth. answer, want recursion, recursion > avail > questions = 1, answers = 0, authority records = 1, additional = 0 > > QUESTIONS: > microsoft.com.MyCompanyName.local, type = A, class = IN > AUTHORITY RECORDS: > -> MyCompanyName.local > ttl = 3600 (1 hour) > primary name server = server.MyCompanyName.local > responsible mail addr = hostmaster > serial = 235 > refresh = 900 (15 mins) > retry = 600 (10 mins) > expire = 86400 (1 day) > default TTL = 3600 (1 hour) > > ------------ > ------------ > Got answer: > HEADER: > opcode = QUERY, id = 3, rcode = NOERROR > header flags: response, want recursion, recursion avail. > questions = 1, answers = 2, authority records = 0, additional = 0 > > QUESTIONS: > microsoft.com, type = A, class = IN > ANSWERS: > -> microsoft.com > internet address = 207.46.245.214 > ttl = 1503 (25 mins 3 secs) > -> microsoft.com > internet address = 207.46.245.222 > ttl = 1503 (25 mins 3 secs) > > ------------ > Non-authoritative answer: > Name: microsoft.com > Addresses: 207.46.245.214, 207.46.245.222 > > >
- Next message: Les Connor [SBS MVP]: "Re: OWA Loading"
- Previous message: William Smith: "Re: Unistalling ISA and Mac OS X"
- In reply to: Grant Morgan: "SBS2003 ISA Server cannot access www.microsoft.com"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
