Microsoft KB Archive/832659

= The IP Spoof Detection feature in ISA Server 2000 may drop legal packets on systems that have multiple external interfaces =

Article ID: 832659

Article Last Modified on 1/3/2006

-

APPLIES TO


 * Microsoft Internet Security and Acceleration Server 2000 Standard Edition
 * Microsoft Internet Security and Acceleration Server 2000 Service Pack 1

-



SYMPTOMS
The IP Spoof Detection feature in Microsoft Internet Security and Acceleration (ISA) Server 2000 may drop legal packets on systems that have multiple external interfaces. This problem may occur if both of the following conditions are true:
 * The network adapters are configured with different metrics.
 * The packets arrive on an interface that has a lower priority or that has a higher metric.

For example, the following scenario is typical:
 * Network adapter 1 is used for outgoing packets to the Internet.
 * Network adapter 2 is for used server publishing, and it is waiting for incoming requests from the Internet. This interface may be configured with a lower priority or a higher metric.

The IP Spoof Detection feature may drop packets that arrive on network adapter 2 because they arrive on network adapter 2 but they leave from network adapter 1.



WORKAROUND
To use multiple external interfaces with ISA Server 2000, you may have to turn off the IP Spoof Detection feature. For additional information about how to turn off the IP Spoof Detection feature, click the following article number to view the article in the Microsoft Knowledge Base:

284811 HOW TO: Disable the IP Spoofing Detection feature in Internet Security and Acceleration Server 2000



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section.

Keywords: kbbug kbprb kbpending KB832659

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.