Questions

Connecting to domain error after ISA 2003 installation

+
0 Votes
Locked

Connecting to domain error after ISA 2003 installation

DaveDXB
After installing ISA 2003, I noticed i cannot connect to my domains...

Currently ISA is set up and acting as a NAT server gateway for my Internet in the network.

And another computer is running as domain server...so they are seperate.

2 network cards....one connected to internet...other to swtich which distributes internet to all employees.

After research...i beleive the problem is not with my DNS or Network configuration....i beleive it has something to do with ISA blocking the domains by default.

I aslo read that you need the firewall client to be installed on client pc's to connect to a domain? is that true?

I dont think you neccessarily do?

Here are the results of some commands to help you better understand the scenario.

ISA 2003 Server IP: 192.168.77.21

Domain Sever IP: 192.168.77.20

---------------------------------

nslookup>
>set q=srv
>_ldap._tcp.dc._msdcs.mydomain.local

Server: computer_name.mydomain_name.local

DNS request timed out.
timeout was 2 seconds
DNS request timed out.
timeout was 2 seconds
*** Request to computer_name.mydomain_name.local timed-out

-------------------------------------------

I read something about ISA blocking your domain server computers if you do not manually confirgure the routes...

I already did

Command prompt:

Route add -p 192.168.77.0 MASK 255.255.255.0 192.168.77.0
------------------------------------------

I still need to test what the problem is by removing the actual computer that has ISA on it from the network...and then try to connect to the domain server..

You assistance is appreciated.
  • +
    0 Votes
    CG IT

    see isaserver.org it's the best place to get answers on ISA server

    +
    0 Votes
    mjwx

    It had to do with RPC restrictions put in place by ISA 2004 (I'm assuming you mean 04 as there was no ISA 03, but it comes bundled with SBS 03 so I understand any confusion).

    Anyway you may want to install the latest SP for ISA (1 or 2 I cant remember) which fixes amongst other things the RPC restrictions. If this is on your SBS domain controller you will need to patch the entire server not just ISA but if it is on a separate server you can get away with only patching ISA.

    I'm not sure how you go about patching SBS but I know its not a good idea to SP the components separately.

    +
    0 Votes
    DaveDXB

    So you think this has something to do with the RPC eh....I will test and see...

    I still didnt have the chance to do any testing because our office works 24/7

    I will do it soon and update you guys.

    +
    0 Votes
    DaveDXB

    looks like you shudnt block protocol called

    "LDAP (UDP)"

    This is responsible for connecting to a domain server.

  • +
    0 Votes
    CG IT

    see isaserver.org it's the best place to get answers on ISA server

    +
    0 Votes
    mjwx

    It had to do with RPC restrictions put in place by ISA 2004 (I'm assuming you mean 04 as there was no ISA 03, but it comes bundled with SBS 03 so I understand any confusion).

    Anyway you may want to install the latest SP for ISA (1 or 2 I cant remember) which fixes amongst other things the RPC restrictions. If this is on your SBS domain controller you will need to patch the entire server not just ISA but if it is on a separate server you can get away with only patching ISA.

    I'm not sure how you go about patching SBS but I know its not a good idea to SP the components separately.

    +
    0 Votes
    DaveDXB

    So you think this has something to do with the RPC eh....I will test and see...

    I still didnt have the chance to do any testing because our office works 24/7

    I will do it soon and update you guys.

    +
    0 Votes
    DaveDXB

    looks like you shudnt block protocol called

    "LDAP (UDP)"

    This is responsible for connecting to a domain server.