Dr. Tom's ISA Server 2004 Firewall Blog

Dr. Tom Shinder's ISA Server Firewall Blog

Disabling Spoof Detection in ISA 2004 Firewalls

Spoof detection in ISA 2004 firewalls is a handy feature that helps protect the firewall from spoof attacks. However, there are some circumstances that generate spurious spoofs , such as when implementing NLB. No problem! Here's the fix, courtesy of our good friend, Barclay Neira:

284811 HOW TO: Disable the IP Spoofing Detection Feature in Internet Security and Acceleration Server

http://support.microsoft.com/?id=284811

Here is the location you would need to update. All other information is the same:

HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/FwEng/Parameters

Thanks Barclay!

Posted: Apr 29 2004, 02:31 AM by shinder | with 3 comment(s)
Filed under:

Comments

shinder said:

Are you sure this is ISA 2004 related? The article 284811 subject is ISA 2000. I think ISA 2004 doesn't support NLB (see http://support.microsoft.com/?id=884319). Or can I apply this on ISA 2004 and can handle NLB after it?
# October 26, 2004 8:36 AM

TrackBack said:

^_~,pretty good!csharpsseeoo
# May 19, 2005 7:43 PM

TrackBack said:

Disabling Spoof Detection in ISA 2004 Firewallsooeess
# July 22, 2005 10:13 AM
Leave a Comment

(required) 

(required) 

(optional)

(required)