Hi, our ISA Server 2004 ran fine for a day until two things I did.
1st: I published a server. Not a SQL or Mail server, but just an addition server. 2nd: Installed more ISA Server 2004 Firewall client onto a few more PCs.
Now, this ISA Server 2004 running on Win2003 Server R2 is very slow. I've already disabled Symantec antivirus and other services. This server has 512MB RAM. Is this not enough? I don't want to increase the RAM until it is confirmed that it is a memory problem. Pls help someone. TIA.
Why don't you check the memory usage of the services? Check which application/service is consuming more memory. I don't think that more policies will make the ISA slow. Increasing the memory is always good for the ISA. My ISA box has 2 GB Ram and I have more than 20 defined policies apart from the built in rules of the ISA. You need to check the caching too. Moreover I have reduced the SQL memory to a minimum level.
< Message edited by Zac -- 31.Aug.2006 7:40:16 AM >
The service that is consuming lots of memory usage is "WSPSRV". This is related to the ISA Server 2K4 firewall service am I correct? Well, its weird that when I disabled the additional rules I published, the memory usage was still high. Thus Win2003 server decided to use the virtual memory which of course is very slow. Does more Firewall clients means more RAM usage too? I'm just afraid that there is more than just RAM involved.
I did a search on here and found several threads regarding "WSPSRV" chewing up memory even on system with 2GB of RAM. Thus I remembered I also enabled reports on ISA Server 2004 which would use the SQL service. Is it possible the SQL service is leaking memory or is there any issue with this? I'll try to disable monitoring reports and see if that helps.
From: The Netherlands
The rules will not be the problem, a Microsoft engineer told me that the performance will reduce when you have about 300 rules. Cache could be a problem, ISA server is trying to get 10% of cache in memory. So if you have a cache file of 2 GB it will use 200 MB of memory. Take a look at your cache file.
Ok, we now have 2.5GB of RAM. I cannot start the Firewall service. It said not enough memory. When I disabled a server publishing rule, it worked. Fond out this rule had a user defined protocol which opens up TCP Port 1024 - 65535 inbound for a certain application. Is this a bug in ISAServer2004? I already installed all the patches and service pack 2. Pls advise anyone, thks.
It is not an FTP. It is EDI which is Electronic Data Interchange for POs. This is their specs from Walmart. I agree, it is not a good idea to open up these ports. However, even if it is bad, ISA Server 2K firewall service shouldn't crash. This inbound rule only routes the protocols to a particular server.