Make Sure Your Interface Order is Correct

By /

image Yuri Diogenes recently presented an interesting case of failed authentication attempts by VPN clients because of connectivity issues with a domain controller. What was interesting was that the ISA firewall had basic connectivity to the domain controller. Yet, authentication attempts failed.

What was the problem? The problem was that the interface order was incorrect. In Yuri’s scenario, the external interface was on the top of the connections list.

Multihomed computers have a number of issues with name resolution and authentication, so you have to be aware of the importance of putting the internal interface on the top of the network connection list. We’ve made that point many times on this site, in our books, and in any talks or lectures me, Jim Harrison, Yuri Diogenes, Mohit Saxena, Jason Jones and Richard Hicks and any other ISA or TMG firewall pro have given.

For more information, check out Yuri’s blog post over at:

http://blogs.technet.com/yuridiogenes/archive/2009/09/25/troubleshooting-tips-for-vpn-client-access-on-isa-server-2006.aspx

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

image
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: [email protected]
MVP — Forefront Edge Security (ISA/TMG/IAG)

About The Author

Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.

Read Next

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top