ISA server bridging networks

Soldato (joined 28 Dec 2003, 16,511 posts)
Ok got an insane problem here.

We have an ISA 2006 box acting as our Internet gateway. It has two network interfaces, one for the internal network and one for the external. The latter is connected to a Linksys router running Tomato and from there to the cable modem.

Some client machines connect directly to the router, either via cable or wireless, in order to access the Internet directly and are thus 'outside' the local network. Whilst an MS DHCP server services clients on the internal network, the DHCP server on the router assigns addresses to these clients which connect directly, obviously on a different subnet to the internal network.

This has worked fine until today, when we've noticed that even the clients connecting directly to the router are being allocated internal network addresses by the internal DHCP server! What's more, they have complete access to other machines on the internal network, despite being connected to the internal one!

How on earth is this possible? The ISA server appears to be bridging the two interfaces and allowing all traffic through when this shouldn't be possible. Also, why are these clients preferring the internal DHCP server on the other side of the ISA box? If I disable the internal DHCP server then they do get a (correct) address from the router but if the internal DHCP server is active they always prefer that.

These clients shouldn't even be able to see the internal DHCP server, let alone everything else on the internal network. Nothing has changed recently as far as I'm aware.

Any help appreciated as I'm at a total loss :(
 
Nope, the network isn't bridged - the only place the two networks meet is via the ISA server. I'm the only one who has access to this box and I've not changed a thing! :(
 
Ok done some more playing around. The fundamental problem appears to be that clients on the external network interface are obtaining an IP address from the internal DHCP server which they shouldn't be able to see!

I've tried disabling every single rule on the ISA server and disabling VPN completely, to no avail; the server appears to be passing DHCP requests from the external interface to the internal one.

What on earth is going on!? :(
 
Solved! \o/

It wasn't the ISA server at all - it suddenly occurred to me that, if the networks were physically bridged somewhere, whilst IP traffic wouldn't be able to flow from one subnet to another without a router, DHCP broadcasts would.

Shutting down the ISA server completely proved this as external clients were still getting internal addresses.

Process of elimination found a switch which some moron had managed to connect to two floor points, one of which was uplinked to the internal network and one to the external.

Happy it's solved but livid that I've lost so much time, including several hours of my own this morning, sorting a problem due to someone else's stupidity.
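The symptom described in this thread (clients on one segment receiving offers from the other segment's DHCP server, which only happens when the two segments are joined at layer 2) can be spotted early by checking every DHCPOFFER against what each segment is supposed to carry. The script below is an added example, not code from the thread or its author; the segment names, server addresses, subnets and log lines are all constructed here, and the "seg=... server=... yiaddr=..." line format is an assumed summary of captured offers rather than any real tool's output.

```python
"""Flag DHCPOFFERs that should not be seen on a given network segment.

An offer whose server identifier belongs to a different segment, or whose
offered address is outside the segment's subnet, is the signature of a
layer-2 bridge between segments (a mis-patched switch, for instance).
All addresses and sample lines are constructed for this example.
"""
import ipaddress
import re
from dataclasses import dataclass

# Assumed layout: the DHCP server and subnet each segment should carry.
EXPECTED = {
    "external": ("192.168.1.1", ipaddress.ip_network("192.168.1.0/24")),
    "internal": ("10.0.0.2", ipaddress.ip_network("10.0.0.0/24")),
}

# Constructed capture summary: one line per DHCPOFFER seen by a listener on
# each segment. "server" is the DHCP server identifier (option 54) and
# "yiaddr" the address being offered to the client.
SAMPLE_LOG = """\
seg=external mac=00:11:22:33:44:55 server=192.168.1.1 yiaddr=192.168.1.50
seg=external mac=00:11:22:33:44:55 server=10.0.0.2 yiaddr=10.0.0.77
seg=internal mac=aa:bb:cc:dd:ee:01 server=10.0.0.2 yiaddr=10.0.0.40
seg=external mac=00:11:22:33:44:66 server=192.168.1.1 yiaddr=10.0.0.90
"""

LINE_RE = re.compile(r"seg=(\S+) mac=(\S+) server=(\S+) yiaddr=(\S+)")


@dataclass(frozen=True)
class Offer:
    segment: str
    client_mac: str
    server_ip: str
    offered_ip: str


def parse_offers(text):
    """Parse the assumed summary format into Offer records, skipping junk lines."""
    offers = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            offers.append(Offer(*m.groups()))
    return offers


def check_offer(offer, expected=EXPECTED):
    """Return the reasons an offer is suspicious on its segment (empty = fine)."""
    if offer.segment not in expected:
        return [f"unknown segment {offer.segment}"]
    server, subnet = expected[offer.segment]
    reasons = []
    if offer.server_ip != server:
        reasons.append(f"offer from unexpected server {offer.server_ip}")
    if ipaddress.ip_address(offer.offered_ip) not in subnet:
        reasons.append(f"offered address {offer.offered_ip} outside {subnet}")
    return reasons


def find_leaked_offers(text, expected=EXPECTED):
    """Return (offer, reasons, origin_segment) for every suspicious offer.

    origin_segment names the segment whose DHCP server produced the offer,
    when the server identifier matches another segment's expected server;
    that is the tell-tale of broadcasts crossing segments at layer 2.
    """
    findings = []
    for offer in parse_offers(text):
        reasons = check_offer(offer, expected)
        if not reasons:
            continue
        origin = [seg for seg, (srv, _) in expected.items()
                  if srv == offer.server_ip and seg != offer.segment]
        findings.append((offer, reasons, origin[0] if origin else None))
    return findings


if __name__ == "__main__":
    for offer, reasons, origin in find_leaked_offers(SAMPLE_LOG):
        where = f" (server belongs to '{origin}')" if origin else ""
        print(f"[{offer.segment}] {offer.client_mac}: {'; '.join(reasons)}{where}")
```

Run against the constructed log it reports two findings: the second line (the internal server answering on the external segment, the situation in this thread) and the fourth (the right server handing out an address from the wrong pool). Feeding it real DHCPOFFER summaries from a passive listener on each segment, rather than waiting for clients to end up on the wrong subnet, turns an hours-long hunt into a single alert.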
 