Last week, we were installing SBS SP1 for one of our SBS Premium customers. Naturally, we upgraded their ISA 2000 to ISA 2004, which went very smoothly. The only problem was that after the upgrade to ISA 2004 was complete, none of their workstations could pull an IP via DHCP. We verified that the DHCP Server service was running, and tried restarting the DHCP Server service, as well as rebooting the server - both to no avail.
Well, it turns out that this is at least partially my fault. You see, when I set up ISA 2000, I never let ISA build the LAT table for me - I always manually specified the internal address range I wanted. So for an SBS using the default IP of 192.168.16.2, I would specify a LAT of 192.168.16.1 to 192.168.16.254.
ISA 2004 varies from ISA 2000 in that it firewalls all network interfaces, including the internal interface. My DHCP problem was that DHCP requests happen via the broadcast address of .255 - since my LAT entry ended at .254 - ISA blocked the traffic, so the DHCP Server never received the client request, and the client thus was unable to pull an IP via DHCP.
SO - if you encounter this problem, open your ISA Management console, and expand <servername> | Configuration | Network. Select the Internal network, and edit it to include .255
Wed, Jun 22 2005 17:11