my ISA2004 server (running on W2K3 Std) seems to stop passing ANY traffic at random times, therefore killing all of my public websites. the only solution is to reboot the ISA server. It's driving me insane.. I've checked my publishing rules over and over, deleted them and recreated them, and the only thing that works is a reboot. No errors in the eveng log, no errors anywhere else.
right now they're working fine, but usually in the morning when I get to the office, I have to reboot the server for the publishing rules to work. In the monitoring, I see the traffic coming in from the external IP's to the public IP on the ISA server, but it never gets any further. I can browse the website on the ISA server itself, but not from outside the ISA server.
it's infuriating, I've been working with ISA for 3 years now and never had this happen. any suggesitons? they're just regular websites, running over port 80.
I have the same problem but it is when my machine is doing backups and it was killing the firewall service. When it happens check the microsoft firewall service and see if it is started. If not start it and see if that prevents you from rebooting. if thats the case you can go into the properties and set the service to restart if fails. Of course it's good to find out what is causing it to fail.....good luck
the Microsoft Firewall service is still running, this isn't just when my backups are running (i don't back up my ISA server anyway)... so far it's happened 3 TIMES today, I've had to reboot the #$#%^%# thing.
I changed cables, and also turned off the "allow the computer to turn of this device to save power" option on both the Internal and External NICs... it dang well better make a difference!!! (can you tell i'm frustrated????)
well when I got in this morning, my websites were up so I thought all was well... but I get back from lunch this afternoon and guess what - sites no worky worky again.
here's a brief overview of my ISA logs when isa works: original client IP: 0.0.0.0 service: reverse proxy server name : myisaserver destination host name: mywebsite.com source port: 0 destination IP: 192.168.0.170 (internal IP of my webserver) action: allowed connection rule: mywebsite.com client IP: Ip address of the computer I"m using to test access to the sites source network: external http method: GET URL: http://192.168.0.170/blah/blah.gif
here's the logs when ISA stops responding to requests: origianl client IP: public IP of the computer I'm using to test access to the sites service: <blank> server name: myisaserver destination host name: <blank> source port: 51236/51221 (varying numbers here) destination IP: public IP of my external NIC on ISA action: initiated connection (then later, it will be closed connection) rule: <blank> clietn IP: IP address of the computer I"m using to test access to the sites destination network: LocalHost HTTP method: <blank> URL: <blank>
in the top logs, the incoming request is reverse proxied from the external requestor to the internal IP of my webserver, and everything is great. but in the bottom logs (when the sites aren't working), it's like the request is just not being processed at all... ISA just drops the request like a bad packet.
ANY advice or suggestions would be greatly appreciated. Thanks,
< Message edited by acausemaker -- 21.Dec.2006 1:59:14 PM >
If the number of reqests if is too high at any stage to the ISA Server, it will stay up and running but will drop the connections. This can be tweaked in the general settings and the number can be increased. This feature has been designed to avoid the firewall to get attacked by some robots over a long period.
Remember that if one guy only goes to one website only he might do over 200 requests.
Sorry don't have an ISA under my hands atm, so I do not remember the default value and the exact field name but you should be able to find it easily.