Microsoft KB Archive/288396

From BetaArchive Wiki
Knowledge Base


ISA Server Event 14120 Is Logged and Packet Filter Cannot Be Created

Article ID: 288396

Article Last Modified on 1/15/2006


APPLIES TO

  • Microsoft Internet Security and Acceleration Server 2000 Standard Edition


This article was previously published under Q288396

SYMPTOMS

The following error is logged in Event Viewer because there is a conflict with the Local Address Table (LAT) in Internet Security and Acceleration (ISA) Server 2000 and the routing table:

Event Type: Error
Event Source: Microsoft Web Proxy
Event Category: None
Event ID: 14120
Date: 4/18/2001
Time: 2:08:35 PM
User: N/A
Computer: computer name
Description:

The ISA Server services cannot create a packet filter 24.25.66.26. This event occurs when there is a conflict between the LAT configuration and the Windows 2000 routing table. Check the routing table and the LAT to find the source of the conflict.

Data:
0000: 41 01 00 c0

The data area also translates to error "0xc000141", or "(dec): 3072 321". If the LAT does not have a conflict with the local routing table (for example, if you set the LAT correctly to only include the IP addresses of all internal interfaces) you may see this event error under the following circumstances:

  • You have configured ISA Web publishing to an internal Web server, or to the local IIS server on the ISA server.
  • An internal client requests the Web site using a fully qualified domain name (FQDN) that resolves to the external IP address of ISA.
  • ISA has both NICs in the same segment and outbound packets go out through the same NIC where the client's request arrived (because that is where the default gateway is configured).


CAUSE

This behavior occurs because when the ISA Web service listens on the external IP address on behalf of the Web server, and the internal client tries to access that service, Web proxy tries to create a packet filter for that address because the proxy views that the address as external (which it is). The packet filter driver fails to create the filter because the address is not reachable through the external interface; instead, the address is reachable through the loopback interface. The result is the event log entry.

RESOLUTION

Although you can ignore this event, you can also resolve this behavior. To do so, on the DNS server that is being used for internal name resolution, create a host record (A record) for the fully qualified domain name that is used by internal users and that resolves to the internal IP address or the IP address of the Web server on which the Web site is hosted.

Keywords: kbenv kberrmsg kbprb KB288396



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/288396&oldid=157506
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki