Hi All, I could not find the settings where I can prevent the firewall client change the DNS IP on the client machine. We have a DSL connection the modem / router's IP is 192.168.0.1, The ISA server machine has two NICs, the IPs are 192.168.1.253 (Internal) and 192.168.0.254 (External). The later one's default gateway is set to 192.168.0.1 and DNS 202.56.215.54 and 55 (ISP's DNS server addresses). I configured this server as edge firewall. Everything works fine the problem occurs when I install firewall client, the client machines receive IP settings from a DHCP server, since it is a windows domain a local DNS Server (192.168.1.2) is also set on the client machines for the AD group policies. This DNS IP (192.168.1.2) is overriden by 192.168.0.1. therefore group policy could not be processed and an application is also not running. worth to mention that FTP works fine on my client machine. Please help

Quote: "We have a DSL connection the modem / router's IP is 192.168.0.1, The ISA server machine has two NICs, the IPs are 192.168.1.253 (Internal) and 192.168.0.254 (External)." _______________ 192.168.0.254 is not an external IP address. Your ISA server has two internal IP addresses on the same subnet. There is no reason for that. Search Google for "ISA server configuration" There are a lot of sites explaining the setup.

guapo your information is incorrect. x.x.1.x and x.x.0.x are not in the same subnets. It is normal to configure ISA in addition to using a router which is what the poster is doing. rajoo_sh what firewall client are you installing and why? You have no need for it if you have both a router and ISA. It would appear to me you have your router doing dhcp. It should not. Only your MS dhcp server should be giving out ips. Correct this and you won't have any issues getting the wrong ip and gateway. I would also suspect you have your physical configuration wrong also. The router should only be connected to nic1 in the server and nothing else. Imagine the power of knowing how to internet search http://www.lib.berkeley.edu/Teachin...

My mistake. They are not on the same subnet but they are both internal IP addresses although he has one marked external.

Hi wanderer, Thanks for the reply. The so called router (modem) is connected to the one of the NICs (192.168.0.254) of the ISA server machine and not in the SWITCH. I need firewall client to access ftp. for example ftp.mywebsite.com to upload files. I explain the complete setup: Its a network of approx 100 computers with TWO Domain controllers. The First Domain controller's IP is 192.168.1.2 and the second's 192.168.1.1. The ISA server has two NICs (192.168.1.253 (connected to switch) and 192.168.0.254 (connected to the router)). The first domain controller acts as a DHCP and the DNS server also. The IP pool is 192.168.1.11 - 192.168.1.200. Please guide me if anything is wrong.

forgot to mention, its the microsoft ISA firwall client.

Have you reviewed this article? http://www.isaserver.org/tutorials/... I suspect your dns config client problem is related to your isa server dns config which is set to the wan not lan interface. Imagine the power of knowing how to internet search http://www.lib.berkeley.edu/Teachin...