Cleaning up ISA routes

ISA Server detected routes through adapter WAN that do not correlate with the network element to which this adapter belongs. For best practice, the address range of an ISA Server network should match the address ranges routable through the associated network adapter as defined in the routing table. Otherwise valid packets may be dropped as spoofed. (This alert may occur momentarily when you create a remote site network. You may safely ignore this message if it does not reoccur.) The address ranges in conflict are: 172.16.255.255-172.16.255.255;.

While I was fixing problems I decided to clean up this configuration error. I have a DMZ that uses IP addresses, 172.16.0.0 through 172.16.0.255. Evidently ISA needs 172.16.255.255 so it inserts a route on the WAN adapter for it and then complains about the route being in the wrong place. I added this single address to the DMZ network and this configuration error went away.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.