Re: ISA 2004 Site Blocking - where am I going wrong?

Tech-Archive recommends: Fix windows errors by optimizing your registry

Thanks to Steve and SBS Rocker. I'll give these suggestions a try on my next
site visit (this one is too hard to troubleshoot remotely). My ISA server is
at SP3 so I'm sure that's not it, but the DHCP rule should do the trick.

I'll post back when I get it worked out.

Lesa

"SBS Rocker" <noreply@xxxxxxxxxxxx> wrote in message
news:e7arh0l6HHA.1204@xxxxxxxxxxxxxxxxxxxxxxx
Hi Lesa,
I had the same similiar situation but not sure if it was related to your
cause. Actually I'm not too sure if by creating blocked website rule
affected your DHCP. What happened to me I was never able to pinpoint the
cause other than perhaps some WSUS updates but I ran into the same issue
as you where my DHCP clients were no longer able to renew leases after the
expiration. I could manually input a static to that machine and all was
fine. So after a bit of investigating and discussions with some friends I
found that my ISA was not allowing renewals because it lacked a DHCP rule
for both ways for "request" and "reply". When you installed ISA 2004 it
created the SBS Localhost DHCP Access Rule / Allow / DHCP (reply) / from
Localhost to Internal.

You need to create a "request" rule.

Name: DHCP Internal Request Rule
Action: Allow
Protocol: DHCP (request)
From: Internal
To: Localhost

Try this and I'm sure you'll be ok.


"Steve" <newsgroup@xxxxxxxxxx> wrote in message
news:%232salvk6HHA.3400@xxxxxxxxxxxxxxxxxxxxxxx
Have you installed ISA 2004 SP3? If not try that. If you still have a
problem you may need to manually add rules for DHCP even though there
should be system rules by default.:

http://www.microsoft.com/technet/isa/2004/plan/isaondhcpserver.mspx

"Lesa H." <itsplesa@xxxxxxxxxxxxxx> wrote in message
news:%23NO4Pkk6HHA.2752@xxxxxxxxxxxxxxxxxxxxxxx
To any of the ISA 2004 guru's out there - I have a customer who has a
requirement to block certain web sites from a group of users (myspace
blocked from student access at a school for instance). We have a
security group setup and the users are added to the list. It seems
pretty straight forward to setup the rule, but somehow after I get the
rule setup to block the sites, DHCP function on the server is blocked. I
am unable to renew the IP after releasing it. I have tried to do the
monitoring to see which rule is blocking DHCP, but it produces no
results.

If someone can give me instructions for creating a rule that will block
specific web sites and not block DHCP I would be forever grateful.

Thanks in advance,

Lesa







.

Relevant Pages

  • Re: Multiple errors
    ... Basically the ISA server uses the "SBS Protected Networks access rule" to ... Networks access rule", the DHCP request may not apply to the correct access ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Re: DHCP Problem
    ... What happens if you move the DHCP Firewall Policy rule, in ISA 2004, to ... Unable to contact a DHCP server. ... Denied Connections started showing up in the ISA logs seconds later. ...
    (microsoft.public.backoffice.smallbiz)
  • Re: DHCP Problem
    ... Internet Security and Acceleration Server 2004 Standard ... An ISA repair might be order. ... Why DHCP Stops Working After You Add a Custom Access Rule ...
    (microsoft.public.backoffice.smallbiz)
  • Re: Wierd ISA SBS Internet Access Rule Problem?
    ... DHCP Not Working After Applying ISA 2004 SP2? ... I've come across reports of 7 separate servers where after installing ISA ... Clients were unable to contact the server for DHCP, Time, or WSUS. ... including after the ISA2004 SP2 installation. ...
    (microsoft.public.windows.server.sbs)
  • RE: DHCP running on ISA
    ... This really was not an ISA problem as it turned out. ... uninstalled/reinstalled DHCP on the ISA Server 2006. ... Microsoft ISA Server 2006: Enterprise Edition Installation Guide ...
    (microsoft.public.isa)