• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA Server slow with more policies?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> ISA Server slow with more policies? Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA Server slow with more policies? - 31.Aug.2006 4:04:46 AM   
Xuser

 

Posts: 232
Joined: 29.Jan.2002
From: Canada
Status: offline
Hi, our ISA Server 2004 ran fine for a day until two things I did.

1st:  I published a server.  Not a SQL or Mail server, but just an addition server.
2nd:  Installed more ISA Server 2004 Firewall client onto a few more PCs.

Now, this ISA Server 2004 running on Win2003 Server R2 is very slow. I've already disabled Symantec antivirus and other services. This server has 512MB RAM.  Is this not enough?  I don't want to increase the RAM until it is confirmed that it is a memory problem.  Pls help someone.  TIA.
Post #: 1
RE: ISA Server slow with more policies? - 31.Aug.2006 7:37:14 AM   
Zac

 

Posts: 44
Joined: 6.Oct.2005
From: Kuwait
Status: offline
Hi,

Why don't you check the memory usage of the services? Check which application/service is consuming more memory. I don't think that more policies will make the ISA slow. Increasing the memory is always good for the ISA. My ISA box has 2 GB Ram and I have more than 20 defined policies apart from the built in rules of the ISA. You need to check the caching too. Moreover I have reduced the SQL memory to a minimum level.

Regards

Zac.

< Message edited by Zac -- 31.Aug.2006 7:40:16 AM >

(in reply to Xuser)
Post #: 2
RE: ISA Server slow with more policies? - 31.Aug.2006 3:18:26 PM   
Xuser

 

Posts: 232
Joined: 29.Jan.2002
From: Canada
Status: offline
The service that is consuming lots of memory usage is "WSPSRV". This is related to the ISA Server 2K4 firewall service am I correct?  Well, its weird that when I disabled the additional rules I published, the memory usage was still high.  Thus Win2003 server decided to use the virtual memory which of course is very slow.  Does more Firewall clients means more RAM usage too?
I'm just afraid that there is more than just RAM involved.

(in reply to Zac)
Post #: 3
RE: ISA Server slow with more policies? - 31.Aug.2006 3:39:11 PM   
Xuser

 

Posts: 232
Joined: 29.Jan.2002
From: Canada
Status: offline
I did a search on here and found several threads regarding "WSPSRV" chewing up memory even on system with 2GB of RAM.  Thus I remembered I also enabled reports on ISA Server 2004 which would use the SQL service.  Is it possible the SQL service is leaking memory or is there any issue with this?  I'll try to disable monitoring reports and see if that helps.

(in reply to Xuser)
Post #: 4
RE: ISA Server slow with more policies? - 31.Aug.2006 8:16:03 PM   
gja

 

Posts: 50
Joined: 15.Aug.2006
From: The Netherlands
Status: offline
The rules will not be the problem, a Microsoft engineer told me that the performance will reduce when you have about 300 rules.
Cache could be a problem, ISA server is trying to get 10% of cache in memory. So if you have a cache file of 2 GB it will use 200 MB of memory.
Take a look at your cache file.

Regards
Gijs

(in reply to Xuser)
Post #: 5
RE: ISA Server slow with more policies? - 22.Sep.2006 4:20:03 PM   
Xuser

 

Posts: 232
Joined: 29.Jan.2002
From: Canada
Status: offline
Ok, we now have 2.5GB of RAM. I cannot start the Firewall service. It said not enough memory.  When I disabled a server publishing rule, it worked.  Fond out this rule had a user defined protocol which opens up TCP Port 1024 - 65535 inbound for a certain application.  Is this a bug in ISAServer2004?  I already installed all the patches and service pack 2.  Pls advise anyone, thks.

(in reply to gja)
Post #: 6
RE: ISA Server slow with more policies? - 5.Oct.2006 6:03:28 PM   
Xuser

 

Posts: 232
Joined: 29.Jan.2002
From: Canada
Status: offline
Anyone?

(in reply to Xuser)
Post #: 7
RE: ISA Server slow with more policies? - 5.Oct.2006 8:26:51 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi user,

quote:

When I disabled a server publishing rule, it worked.  Fond out this rule had a user defined protocol which opens up TCP Port 1024 - 65535 inbound for a certain application. 

Wow... can't that be a little bit more specific? Why do you need to have such a publishing rule?

HTH,
Stefaan

(in reply to Xuser)
Post #: 8
RE: ISA Server slow with more policies? - 5.Oct.2006 8:46:19 PM   
Xuser

 

Posts: 232
Joined: 29.Jan.2002
From: Canada
Status: offline
It is for a Walmart EDI. They want these ports opened.

(in reply to spouseele)
Post #: 9
RE: ISA Server slow with more policies? - 5.Oct.2006 8:58:54 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Xuser,

is this some kind of badly implemented "Secure FTP" protocol?
I wouldn't allow that on my network!

HTH,
Stefaan

(in reply to Xuser)
Post #: 10
RE: ISA Server slow with more policies? - 5.Oct.2006 9:07:55 PM   
Xuser

 

Posts: 232
Joined: 29.Jan.2002
From: Canada
Status: offline
It is not an FTP.  It is EDI which is Electronic Data Interchange for POs.  This is their specs from Walmart.  I agree, it is not a good idea to open up these ports.  However, even if it is bad, ISA Server 2K firewall service shouldn't crash.
This inbound rule only routes the protocols to a particular server.

(in reply to spouseele)
Post #: 11
RE: ISA Server slow with more policies? - 5.Oct.2006 9:21:56 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Xuser,

because you have to implement it and you can simulate the problem very easily, I suggest you contact Microsoft PSS and find out what they have to say about this.

HTH,
Stefaan

(in reply to Xuser)
Post #: 12

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> ISA Server slow with more policies? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts