A Virtual IP and a Dedicated IP do not have the same subnet mask or are in different subnets - Microsoft.ISAServer.2006.A_Virtual_IP_and_a_Dedicated_IP_do_not_have_the_same_subnet_mask_or_are_in_different

Microsoft.ISAServer.2006.A_Virtual_IP_and_a_Dedicated_IP_do_not_have_the_same_subnet_mask_or_are_in_different_subnets.Rule (Rule)

This Rule generates alerts when A Virtual IP and a Dedicated IP do not have the same subnet mask or are in different subnets

Knowledge Base article:

Summary

The Firewall service generates this alert when ISA Server NLB integration mode is enabled and network load balancing is misconfigured.

When NLB is specified on the network, the Firewall service looks for an appropriate adapter to bind to NLB. The adapter should have the same subnet mask for its virtual IP address for its dedicated IP address. Similarly, the virtual IP address and the dedicated IP address must belong to the same subnet. Otherwise, this alert will be issued and NLB will not be functional.

Causes

The NLB configuration fails if the virtual IP address specified for the network does not belong to the same subnet as the dedicated IP address of the adapter chosen for NLB, or if the virtual IP address and the dedicated IP address have different subnet masks.

Resolutions

Reconfigure the load-balanced network and/or specify an alternate virtual IP address and/or virtual IP address subnet mask.
Change the adapter address and/or subnet mask to match the subnet and subnet mask of the virtual IP address.

External

For more information about using NLB in ISA Server, see the related document at the Microsoft TechNet Web site .

Element properties:

Target	Microsoft.ISAServer.2006.NLB.ServerRole
Category	EventCollection
Enabled	True
Alert Generate	False
Remotable	True

Member Modules:

ID	Module Type	TypeId	RunAs
DS	DataSource	Microsoft.ISAServer.2006.Rule.AlertGenerate.DS	Default
WA	WriteAction	Microsoft.ISAServer.2006.Rule.AlertGenerate.WA	Default

Module Type

TypeId

RunAs

DataSource

Microsoft.ISAServer.2006.Rule.AlertGenerate.DS

Default

WriteAction

Microsoft.ISAServer.2006.Rule.AlertGenerate.WA

Default

Source Code:

<Rule ID="Microsoft.ISAServer.2006.A_Virtual_IP_and_a_Dedicated_IP_do_not_have_the_same_subnet_mask_or_are_in_different_subnets.Rule" Enabled="onEssentialMonitoring" Target="Microsoft.ISAServer.2006.NLB.ServerRole" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100"> <Category>EventCollection</Category> <DataSources> <DataSource ID="DS" TypeID="Microsoft.ISAServer.2006.Rule.AlertGenerate.DS"> <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName> <LogName>Application</LogName> <EventsPattern>^(21242)$</EventsPattern> <EventType>1</EventType> <SourcePattern>Microsoft Firewall</SourcePattern> </DataSource> </DataSources> <WriteActions> <WriteAction ID="WA" TypeID="Microsoft.ISAServer.2006.Rule.AlertGenerate.WA"> <AlertMessageId>$MPElement[Name="Microsoft.ISAServer.2006.A_Virtual_IP_and_a_Dedicated_IP_do_not_have_the_same_subnet_mask_or_are_in_different_subnets.AlertMessage"]$</AlertMessageId> <DomainName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/DomainDnsName$</DomainName> <Priority>1</Priority> <Severity>2</Severity> </WriteAction> </WriteActions> </Rule>