I'm having some issues with ISA 2004 that are causing me to wonder if there's a serious problem with the Web Publishing feature. As soon as I enable it I typically loose 75% of the traffic going to my website. Filtering the ISA log viewer to show denied port 80 requests shows a large stream of them......
I created a Server Publishing rule instead and as soon as I disable the web publishing rule and enable the server publishing rule the site traffic returns to normal. I also found that you can't disable one and enable the other and then hit apply in one shot - doing so causes all sorts of wierd issues - one time it caused ISA to block ALL port 80 requests!
I was running SP#2 but due to the high number of complaints about it in both the newsgroups and this site I thought it might be an idea to wipe ISA out completely and do a clean re-install with only Service Pack #1 installed. I did this but ran into the same issue - 75% traffic drop when using Web Publishing and no significant drop using Server Publishing.
Anyway, my question is, is anyone out there running a volume website behind ISA 2004 using Web Publishing and dynamic content (PHP)? Did you see the same issues (massive traffic drop) or is it unique to me?
I've also only seen the alert logged from ISA about connection limits being reached once.
I'm just wondering if anyone is actually using the Web Publishing feature on a site that actually gets monitored and gets some traffic. I'm very interested to see if they saw the same 75% traffic drop due to ISA denying port 80 requests. The logs are quite clear - it's ISA itself that blocks the connection.
Change it over to Server Publishing and all of a sudden the traffic goes up by almost 75% - It's not a connection limits issue - it seems to be a web publishing problem with ISA itself.
I can't be the only one having this problem - is anyone out there using ISA 2004 and Web Publishing to publish a busy dynamic site? Did you see a 75% traffic drop after implementing it? Did you have to do anything special to make Web Publishing work?
The only way to figure it out is to get packet captures and log files and analyze where the problem is. 99.98% of these problems are not ISA firewall related, and the captures usually are a good place to start the troubleshooting process.