We are facing a strange problem with ISA Server. We are running ISA Server and RRAS on the same server. We have two network interfaces -- one connected to the local network and another connected to the Internet. (We are using ADSL for our Internet connection using a Cisco router.) The problem is that I am receiving intermittent "destination host unreachable" error from the ISA Server while pinging a local router IP, which is obviously causing a problem with my VPN connection.
I tried changing all the hardware -- it didn't affect anything. I tried executing a ping command to the local router from another computer where ISA is not installed, parallel to the computer where ISA Server is installed. From this computer, I am getting a problem, whereas the ISA Server is giving this "destination host unreachable" error. And then within a couple of minutes, it goes back to normal. I even tried disabling IPsec policy, but nothing works. Could you suggest a solution?
For some reason, your ISA Server is intermittently losing its route to your server. I would start by troubleshooting the problem using the Routing And Remote Access console. In particular, look within the IP Routing node for routes that may be misconfigured. Verify that your VPN is not configured as a default gateway for your ISA Server.
Another way to troubleshoot the problem is to compare the local routing table when the system is working properly and when it is broken. You can do this from a command prompt by using the ROUTE PRINT command. When the routing is working correctly, copy the output of the ROUTE PRINT command to a text file and save it. The next time you receive the destination host unreachable error, execute the ROUTE PRINT command again and compare it to the original output. If the problem is indeed with the routing on the ISA Server, there should be a difference. Identify the difference, and then isolate the problem that caused the change. Unfortunately, I can't provide more detailed troubleshooting instructions.
If you don't see a difference between the two outputs from ROUTE PRINT, troubleshoot the problem at your router. Good luck!