Still having firewall issues



It appears that the firewall problem is still not resolved. I am pasting my
original post below. Any help would be greatly appreciated. The warning
about routes through our internal NIC that do not correlate with the
network element to which this adaptor belongs does not appear any more, but I
am still getting warnings about spoof attacks.

The warning is:
Source: Microsoft Firewall
Category: Packet Filter
Event ID: 15108

Description: ISA Server detected a spoof attack from IP address 192.168.16.4
(this address varies with each warning - most are external addresses). A
spoof attack occurs when an IP address that is not reachable via the
interface on which the packet was received. If logging for dropped packets
is set, you can view details in the packet filter log.

I have no idea what to do here. Any help is greatly appreciated.
Thank you in advance.

Begin Paste ****Hello. I have been having problems with our internet
connectivity since the SP upgrade. We are running SBS2003 Premium, 2 NIC setup.

I had been getting a warning in the event viewer stating that there are
routes through our internal NIC that do not correlate with the network
element to which this adaptor belongs. The message showed three different
address ranges.

I followed the instructions in KB884496
(http://support.microsoft.com/?id=884496) . The internet connection still
seems slow and I am still getting the following message:
ISA Server detected routes through adapter Server Local Area Connection that
do not correlate with the network element to which this adapter belongs. For
best practice, the address range of an ISA Server network should match the
address ranges routable through the associated network adapter as defined in
the routing table. Otherwise valid packets may be dropped as spoofed. (This
alert may occur momentarily when you create a remote site network. You may
safely ignore this message if it does not reoccur.) The address ranges in
conflict are: 192.168.16.12-192.168.16.12;.



This address is assigned to my server according to DHCP. I do not know what
to do next. Thank you in advance for your assistance.***** End of paste.

Thanks to Susan Bradley I did this -
If this is an upgrade from 2000
ISA
servername
General
Click on client connection
adjust the tcp/ip connections per client from 40 to 160

After talking to Marina I did the following - After I went back into ISA and
deleted all of the address ranges and then added my adaptor. For some reason
the adaptor added the following two ranges -
192.168.16.0 - 192.168.16.12
192.168.16.14 - 192.168.16.255

I have no idea what to do next. Please help.

Aaron
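
Added example, not part of the original post: the alert quoted above says the address ranges of an ISA network element should match the ranges routable through its adapter, so this Python sketch compares the two sets of ranges and lists the differences in the alert's own `start-end` form. The two element ranges are the ones from the post; the routable subnet 192.168.16.0/24 is an assumption, since the post does not give the server's routing table.

```python
import ipaddress

def merge(ranges):
    """Sort inclusive (low, high) address pairs and merge overlapping or adjacent ones."""
    ints = sorted((int(ipaddress.IPv4Address(a)), int(ipaddress.IPv4Address(b)))
                  for a, b in ranges)
    merged = []
    for lo, hi in ints:
        if lo > hi:
            raise ValueError("range start is above range end")
        if merged and lo <= merged[-1][1] + 1:
            merged[-1][1] = max(merged[-1][1], hi)
        else:
            merged.append([lo, hi])
    return merged

def subtract(a, b):
    """Return the parts of merged ranges `a` that merged ranges `b` do not cover."""
    out = []
    for lo, hi in a:
        cur = lo
        for blo, bhi in b:
            if bhi < cur or blo > hi:
                continue              # no overlap with what is left of (lo, hi)
            if blo > cur:
                out.append((cur, blo - 1))
            cur = bhi + 1
            if cur > hi:
                break
        if cur <= hi:
            out.append((cur, hi))
    return out

def fmt(ranges):
    return [f"{ipaddress.IPv4Address(lo)}-{ipaddress.IPv4Address(hi)}" for lo, hi in ranges]

def range_conflicts(element_ranges, routable_subnets):
    """Compare a network element's ranges with the subnets routed via its adapter."""
    nets = [ipaddress.ip_network(s) for s in routable_subnets]
    routed = merge([(str(n.network_address), str(n.broadcast_address)) for n in nets])
    element = merge(element_ranges)
    return {"routable_not_in_element": fmt(subtract(routed, element)),
            "in_element_not_routable": fmt(subtract(element, routed))}

# Ranges as listed in the post; the /24 is an assumed route for the internal adapter.
ELEMENT = [("192.168.16.0", "192.168.16.12"), ("192.168.16.14", "192.168.16.255")]
ROUTABLE = ["192.168.16.0/24"]

if __name__ == "__main__":
    print(range_conflicts(ELEMENT, ROUTABLE))
```

With the assumed /24, the only address routable through the adapter but missing from the two ranges is 192.168.16.13; replace `ROUTABLE` with the subnets shown by `route print` on the server to check the real configuration.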


