Re: DHCP and companyweb problems

Hi David

Thanks for responding. In answer to your questions:

If the DHCP traffic is being denied by ISA which rule is it showing that is
denying it?

From the Logging feature of the ISA console:

Dest IP: 255.255.255.255 (?)
Dest Port: 67
Protocol: DHCP (request)
Action: Denied connection
Rule: This is blank
Source Network: Internal
Dest Network: Local Host


Do you have the SBS Protected Networks Access Rule?

Yes

Is it enabled?

Yes

Do you have any explicit Deny rules defined?

No
SBS FTP Server Access, RDP Server Access, RDP Outbound disabled. Other wise,
standard SBS from the internet connection wizard.

Any ideas?

Thanks

"David Copeland [MSFT]" wrote:

Stuart,

If the DHCP traffic is being denied by ISA which rule is it showing that is
denying it? Do you have the SBS Protected Networks Access Rule? Is it
enabled? Do you have any explicit Deny rules defined?


--


Hope that helps,
David Copeland
Microsoft Small Business Server Support

This posting is provided "AS IS" with no warranties, and confers no rights.


SBS Newsgroups:

SBS v4.x: microsoft.public.backoffice.smallbiz
SBS 2000: microsoft.public.backoffice.smallbiz2000
SBS 2003: microsoft.public.windows.server.sbs

"Stuart" <Stuart@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:217D44BA-F97B-4F5A-B6BD-FC12D6533349@xxxxxxxxxxxxxxxx
Thanks for your reply. I'll answer your questions in order:

1)Clients have been manually set to SBS Server IP for DNS (couldn't get it
working any other way)
2)Clients are all members of the domain - mapped drives, outlook, internet
acces all works but only with static IP addresses.
3) Ping is successful from command prompt - yes, I was suprised too!
4) Ping to companyweb.contoso.local. was successful
5) Client name is correct
6) PDA's - have to set up the network cards in use by the PDA to have
static
IPs otherwise they won't synchronise.
7) ipconfig /release gives the following message:

C:\>ipconfig /release

Windows IP Configuration

No operation can be performed on Local Area Connection while it has its
media di
sconnected.

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected

Ethernet adapter Local Area Connection 1G:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.0.52
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.10

Ethernet adapter Activesync:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . . . . :

Physical Address: 00-11-5B-F6-65-3A
IP Address: 169.254.90.52
Subnet Mask: 255.255.0.0
Default Gateway:
DNS Server: 192.168.0.10
WINS Server:

And yet I have full interent access with clients on manual IPs.

Are the clients able to get DHCP addresses now? NO

[If not, you may want to go into ISA's mmc under the Monitoring/Logging
and
start up a live log and then try to do an ipconfig /release and ipconfig
/renew on a client machine configured to use DHCP and then see if ISA a)
shows the traffic and b) is it
allowing or denying it? Also, if you haven't already verify that the
DHCP
Server/DHCP client services are running and set to automatic on the
server.]

Logging shows DHCP requests being denied.

DHCP is running and has been restrted numerous time.

Server can reach companyweb just using http.

Any ideas gratefully received!


"David Copeland [MSFT]" wrote:

Stuart,

Can you check the following on the client machines..
1) Are they only pointing to the SBS server for DNS?
2) Are they members of the SBS domain?
3) From a command prompt ping the name companyweb (ping companyweb) does
it
resolve? Would suspect it wouldn't at this point.
4) From a command prompt ping the name companyweb.contoso.local. where
the
contoso.local part is your AD domain name. (Note the trailing period on
the
end. This is to make it a fully qualified domain name)
5) If you right click on My Computer and select Properties, then click on
the Computer Name what does it show for the Domain Name? It should be the
same as the SBS servers AD domain name.


As far as the PDA's go were you using the Internet domain name or the
servers internal name?

Are the clients able to get DHCP addresses now? If not, you may want to
go
into ISA's mmc under the Monitoring/Logging and start up a live log and
then
try to do an ipconfig /release and ipconfig /renew on a client machine
configured to use DHCP and then see if ISA a) shows the traffic and b) is
it
allowing or denying it? Also, if you haven't already verify that the
DHCP
Server/DHCP client services are running and set to automatic on the
server.


--


Hope that helps,
David Copeland
Microsoft Small Business Server Support

This posting is provided "AS IS" with no warranties, and confers no
rights.


SBS Newsgroups:

SBS v4.x: microsoft.public.backoffice.smallbiz
SBS 2000: microsoft.public.backoffice.smallbiz2000
SBS 2003: microsoft.public.windows.server.sbs

"Stuart" <Stuart@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:55313A21-08DB-4BEB-AC6A-DCD817AE373D@xxxxxxxxxxxxxxxx
Thanks for your reply David

I checked ISA and the DHCP settings are correct. I think there may be a
DNS
clue here though. The PDAs couldn't connect to the server to
synchronize
with
Exchange using the exchange server name. However, once I changed it to
the
IP
address, they worked fine.

On the server, I can just type 'companyweb' and get to
http://companyweb/default.aspx. This is correct.

On the clients, I type 'companyweb' and IE goes to the default serach
engine
- it would appear it can't resolve the name. When 'https://companyweb'
is
used it is all fine.

This leaves me with a small problem on 'companyweb' but I can get round
that. None of the clients on the network seem to work without static IP
addresses - which is a problem.

Does this help explain better.

Great last name by the way.
Cheers
Stuart (Copeland)



"David Copeland [MSFT]" wrote:

Stuart,

With respect to the DHCP, be sure to check in ISA under
servername/Configuration/Networks and double click on the Internal
network
(on the Networks tab) and then click on the Addresses tab. Be sure
that
the
address range includes the broadcast address. For example, if you are
using
a 192.168.16.x IP range with a subnet mask of 255.255.255.0 then the
Start
Address should be 192.168.16.0 and the End Address would be
192.168.16.255.

For companyweb, internally you can get to it using http://companyweb
and
externally you can connect to it using https://fqdn:444 correct? Then,
do
you really want users on the Internet connecting to the Intranet web
site
(Companyweb) unencrypted?

By default, the /exchange virtual directory is configured to require
SSL
to
connect, and SBS has an ISAPI filter in IIS that will redirect a user
that
enters in http://fqdn/exchange to https://fqdn/exchange so that the
connection will be encrypted using SSL.
It should also do the same for http://fqdn/remote as well.


---

Hope that helps,
David Copeland
Microsoft Small Business Server Support

This posting is provided "AS IS" with no warranties, and confers no
rights.


SBS Newsgroups:

SBS v4.x: microsoft.public.backoffice.smallbiz
SBS 2000: microsoft.public.backoffice.smallbiz2000
SBS 2003: microsoft.public.windows.server.sbs

"Stuart" <Stuart@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:C89976F4-B6CF-44E1-9F87-7E0FB477B736@xxxxxxxxxxxxxxxx
I have SBS2003 SP1 with ISA2004 SP2 and Exchange SP2. All was working
fine
but web surfing was slowing down at clients.

Re-ran the SBS internet connection wizard, resetting the ISP DNS
servers
to
match those on the router. All other DNS settings point to the SBS
box.

I independtly restarted DNS and DHCP.

Web surfing now back to normal. Two new problems:

1. Can't access the companyweb via http, but can with HTTP. I have
noticed
only HTTPS is given in the SBS created ISA rule. I can access via
HTTP
on
the
server itself.

2. I am unable to 'repair' client NIC IP addressing to refesh their
IP
address. I have had to manually assign all IP addresses and DNS
settings.
i..e DHCP no longer seems to be talking to the clients even though
it
shown
as running on the server.

Any help gratefully received.









.

Relevant Pages

  • RE: Fax monitor incoming + outgoing calls?
    ... problem between the client computer and the SBS server. ... Client is using the internal IP address of the SBS server as the ... To the folder redirection GPO issue: ...
    (microsoft.public.windows.server.sbs)
  • RE: (Very) Slow browsing server shares - Net Work Monitor shows ca
    ... If this issue happen only when browse shared folders on SBS from one XP ... client computer, this will be a client side error. ... click to check the "Hide All Microsoft Services" ... Digitally sign communications (if server ...
    (microsoft.public.windows.server.sbs)
  • RE: No Client or Server Desktop Access Through RWW SBS 2003 SP2
    ... internal client Remote Desktop via RWW. ... Please perform the steps on the SBS and internal client computers: ... Click Remote tab, tick Enable Remote Desktop on this computer ... On the SBS server, click Start, click Run, type "regedit" (without the ...
    (microsoft.public.windows.server.sbs)
  • Re: 2 SBS on same network.
    ... Dhcp is the first issue which as you say easily solved by switching off dhcp ... The exercise had only one client connected to each server, ... SBS running happily? ...
    (microsoft.public.windows.server.sbs)
  • RE: trouble with shared fax service
    ... Thank you for posting in SBS newsgroup. ... install fax service on client computers. ... the SBS server or on the client workstation. ... and then choose 'Install' for the 'Fax Services' item. ...
    (microsoft.public.windows.server.sbs)