CertCities.com -- The Ultimate Site for Certified IT Professionals
Visit CertCities.com Forums and Ost Your Mind Share share | bookmark | e-mail
  Microsoft®
  Cisco®
  Security
  Oracle®
  A+/Network+"
  Linux/Unix
  More Certs
  Newsletters
  Salary Surveys
  Forums
  News
  Exam Reviews
  Tips
  Columns
  Features
  PopQuiz
  RSS Feeds
  Press Releases
  Contributors
  About Us
  Search
 

Advanced Search
  Free Newsletter
  Sign-up for the #1 Weekly IT
Certification News
and Advice.
Subscribe to CertCities.com Free Weekly E-mail Newsletter
CertCities.com

See What's New on
Redmondmag.com!

Cover Story: IE8: Behind the 8 Ball

Tech-Ed: Let's (Third) Party!

A Secure Leap into the Cloud

Windows Mobile's New Moves

SQL Speed Secrets

CertCities.com
Let us know what you
think! E-mail us at:
 
 
...Home ... Editorial ... Columns ..Column Story Saturday: April 5, 2014


Tip o'the Week  
Zubair Alexander
Zubair Alexander
Getting an IP Address from DHCP Server on ISA Server's External Interface
I would like my ISA Server to get an IP address from a DHCP server on the external interface but the external NIC is not getting an IP address from the DHCP server.
by Zubair Alexander  
11/19/2008 -- I would like my ISA Server to get an IP address from a DHCP server on the external interface. I've tried different network cards, cables and everything else, but for some reason the external NIC is not getting an IP address from the DHCP server. What am I doing wrong?

Answer:
Ideally, you should always use a static IP address for servers, but whatever the reason might be, what you've described is the default behavior on ISA Server 2004/2006. ISA Server's system policy is configured by default to not permit DHCP replies from outside DHCP servers to the ISA Server itself. Normally, there shouldn't really be a reason for allowing DHCP replies from the outside world to your ISA Server computer.

Some people sign up with their ISP for Internet access and want to run ISA Server at home or in their small business with a dynamic IP obtained from their ISP's DHCP server. Whatever your reasoning might be, you can change the default behavior by following the procedure described below:

  1. Start ISA Server Management Console and click on the Firewall Policy.
  2. In the right pane, click Tasks and then click Show System Policy Rules.
  3. Click the rule "Allow DHCP replies from DHCP servers to ISA Server."
  4. Right-click the rule and select Edit System Policy.
  5. Click on the From tab.
  6. Click Add and add the IP address of the external DHCP server. Although you have the option to add External network rather than the IP address of the DHCP server, that makes your ISA server more vulnerable to potential attacks. It's best that you keep the exposure to a minimum by adding only a specific DHCP server.
  7. Apply the changes to update your ISA Server configuration.

There's one more thing you need to know: According to Microsoft's KB article 841141, the above procedure works only with renewals of IP addresses. What you'll have to do is allow DHCP packets from any network until you get an IP address. Once you have an IP address, you can change the rule to allow traffic from a specific DHCP server.
Zubair Alexander, MCSE, MCT, MCSA and Microsoft MVP is the founder of SeattlePro Enterprises, an IT training and consulting business. His experience covers a wide range of spectrum: trainer, consultant, systems administrator, security architect, network engineer, author, technical editor, college instructor and public speaker. Zubair holds more than 25 technical certifications and Bachelor of Science degrees in Aeronautics & Astronautics Engineering, Mathematics and Computer Information Systems. His Web site, www.techgalaxy.net, is dedicated to technical resources for IT professionals. Zubair may be reached at .
 

More articles by Zubair Alexander:

-- advertisement --


There are 30 CertCities.com user Comments for “Getting an IP Address from DHCP Server on ISA Server's External Interface”
Page 1 of 3
1/1/10: Aidreference says: During Clean,without come bind large cold couple thought title ahead establish intention offer limit dead former consideration foreign project other soon an capital mistake latter leader internal below yeah film attractive master factor otherwise field clear writing conduct car choice estimate goal museum shop attach sea sport high commit clear detail prepare loan follow neither destroy capacity ourselves because desk media examination enter major release wear whose context kill book ancient title weapon succeed transfer cup be slow decade standard worker top human inside period trend title strike family trade share
6/30/13: louis vuitton outlet from [email protected] says: ths louis vuitton outlet http://www.louisvuittonttoutlet.com
7/5/13: louboutin outlet from [email protected] says: ths louboutin outlet http://www.christianlouboutinoutleta.com
7/5/13: gucci outlet online from [email protected] says: nice articles gucci outlet online http://www.guccioutletstore-online.com
7/25/13: cheap Herve Leger outlet from [email protected] says: good articles cheap Herve Leger outlet http://www.herveleger-outlet.co.uk/
7/31/13: OakleySunglassesOutl from [email protected] says: A little too Busy To Address sunglass ? Oakley Sunglasses Outlet http://www.replica-oakleysunglassesusa.com
8/1/13: Toms Outlet from [email protected] says: Surfers brings the bling on shoes Toms Outlet http://www.tomscanadaoutlets.com
8/2/13: Mac Makeup Promotion from [email protected] says: makeup offers spanking new life span to an old problem. . . defacto conventional Mac Makeup Promotion http://www.makeup-wholesaleronline.com
8/5/13: cheap Toms from [email protected] says: Daily shoes Wrap up is without question starting to feel slightly old cheap Toms http://www.tomscanadaoutlets.com
8/5/13: OakleySunglassesDisc from [email protected] says: The genuine magic article over sunglass that the gurus would not like consumers to figure out. Oakley Sunglasses Discount http://www.cheap-oakleysunglassesusa.com
First Page   Next Page   Last Page
Your comment about: “Getting an IP Address from DHCP Server on ISA Server's External Interface”
Name: (optional)
Location: (optional)
E-mail Address: (optional)
Comment:
   

-- advertisement (story continued below) --

top
Home | Microsoft® | Cisco® | Oracle® | A+/Network+" | Linux/Unix | MOS | Security | List of Certs
Advertise | Contact Us | Contributors | Features | Forums | News | Pop Quiz | Tips | Press Releases | RSS Feeds RSS Feeds from CertCities.com
Search | Site Map | Redmond Media Group | TechMentor Conferences | Tech Library Webcasts
This Web site is not sponsored by, endorsed by or affiliated with Cisco Systems, Inc., Microsoft Corp., Oracle Corp., The Computing Technology Industry Association, Linus Torvolds, or any other certification or technology vendor. CiscoÆ and Cisco SystemsÆ are registered trademarks of Cisco Systems, Inc. Microsoft, Windows and Windows NT are either registered trademarks or trademarks of Microsoft Corp. OracleÆ is a registered trademark of Oracle Corp. A+Æ, i-Net+T, Network+T, and Server+T are trademarks and registered trademarks of The Computing Technology Industry Association. (CompTIA). LinuxT is a registered trademark of Linus Torvalds. All other trademarks belong to their respective owners.
Reprints allowed with written permission from the publisher. For more information, e-mail
Application Development Trends | Campus Technology | CertCities.com | The Data Warehousing Institute
E-Gov | EduHound | ENTmag.com | Enterprise Systems | Federal Computer Week | FTPOnline.com | Government Health IT
IT Compliance Institute | MCPmag.com | Recharger | Redmond Developer News | Redmond | Redmond Events | Redmond Channel Partner | Redmond Report
TCPmag.com | T.H.E. Journal | Virtualization Review | Visual Studio Magazine | VSLive!
Copyright 1996-2009 1105 Media, Inc. See our Privacy Policy.
1105 Redmond Media Group