Microsoft KB Archive/838114

From BetaArchive Wiki
Knowledge Base


How to disable the IP Spoof Detection feature in ISA Server 2004 and in ISA Server 2006

Article ID: 838114

Article Last Modified on 9/7/2007


APPLIES TO

  • Microsoft Internet Security and Acceleration Server 2004 Standard Edition
  • Microsoft Internet Security and Acceleration Server 2006 Enterprise Edition


Important This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

322756 How to back up and restore the registry in Windows XP and Windows Vista


INTRODUCTION

By default, the IP Spoof Detection feature is enabled in Microsoft Internet Security and Acceleration (ISA) Server 2004 and in Microsoft Internet Security and Acceleration (ISA) Server 2006. Although there is no way to disable this feature in the ISA Microsoft Management Console (MMC) snap-in, you can disable this feature in the Windows registry.

MORE INFORMATION

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

To disable the IP Spoof Detection feature in the Windows registry, follow these steps:

  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate and then click the following registry subkey:

    HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/FwEng/Parameters

    If the Parameters subkey is not displayed, follow these steps to create this subkey:

    1. Click the FwEng subkey.
    2. On the Edit menu, point to New, and then click Key.
    3. To name the key, type Parameters, and then press ENTER.
  3. Right-click Parameters, point to New, and then click DWORD Value.
  4. To name the value, type DisableSpoofDetection, and then press ENTER.
  5. Right-click DisableSpoofDetection, and then click Modify.
  6. In the Value data box, type 1, and then click OK.

    Warning This setting disables IP Spoof Detection. To enable IP Spoof Detection, set the DisableSpoofDetection value to 0. This is the default value.
  7. Exit Registry Editor, and then restart the ISA Server 2004 services or the ISA Server 2006 services.


REFERENCES

For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:

284811 How to disable the IP spoofing detection feature in Internet Security and Acceleration Server 2000


832659 The IP Spoof Detection feature in ISA Server 2000 may drop legal packets on systems that have multiple external interfaces


833786 Steps that you can take to help identify and to help protect yourself from deceptive (spoofed) Web sites and malicious hyperlinks


Keywords: kbisa2006swept kbhowto kbinfo KB838114



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/838114&oldid=203770
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki