I have a new branch location (Big deal for us.) and it is losing it's mind. Basically we have an ASA firewall, Ironport WSA, and 2012 AD. I have Windows 7 pro 32 bit workstations that I am prebuilding here and taking up to the new location. Here, they are joined to network and tested for functionality and printing before going up to the new location. (New branch is a big deal for us, Google Old Meridian IMCU Branch and you will see we are going bananas.)
My problem is when the workstations get to the new LAN they don't connect to the AD and DNS removes their "A" and "PTR" records. We have found that each of these workstations are going through the IRONPORT WSA to try and reach the AD which is backwards. All AD and Local Credit Union traffic should never get to the IRONPORT. All local DNS and AD authentication requests should be handled well before the IRONPORT is ever notified. Talking with support at IRONPORT we have put these workstations in bypass and they are talking to AD and DNS server just fine and all local requests are being handled ok. Taking them out of bypass and they just stop working. We have talked with the Data carrier and they swear that the data routes are the same for this new branch as it is for the old branches. I have a gut feeling that they have some kind of route built to push all this traffic to my firewall (Sits behind the ironport) and then it is being redirected back to my domain instead of being parsed out as internal traffic prior to heading up the stream to the firewall (ironport). How do I prove this? Is there a way to packet trace through each of their hops to the destination if we have a controlled environment, like a Saturday or Sunday when it will just be us IT people in the building? David McSpadden System Administrator Indiana Members Credit Union P: 317.554.8190 [Description: Description: imcu email icon]<http://imcu.com/> [Description: Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU> [Description: Description: twitter email icon] <https://twitter.com/IndMembersCU> [Description: Description: email logo] [http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw&url=http://www.amuletsolutions.com/awards.aspx&bvm=bv.110151844,d.amc&psig=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg&ust=1450459757284499> This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email.
