Welcome to ISAserver.org

Have to keep restarting Microsoft Firewall service

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA 2006 General] >> General >> Have to keep restarting Microsoft Firewall service

Page: [1]

Message

<< Older Topic Newer Topic >>

Have to keep restarting Microsoft Firewall service - 21.Aug.2007 7:23:29 AM

xsproltd

Posts: 10
Joined: 21.Aug.2007
Status: offline

Hi,

We have a network with the following setup currently.

Zyxel 660 ADSL router connecting to DSL which is connected to the external interface on our Windows 2003 R2 Server (with all latest updates) running ISA Server 2006.

The Zyxel router is set with a one to one NAT relationship to the external interface on the server, translating the public static IP to an IP on the internal range (in routing mode).

The server itself is servicing just one SecureNAT client and the rest are web proxy clients.

I have checked the event logs, memory usage, processes and services and can see no problems. The server seems healthy and fine, but i find i have to restart the microsoft Firewall service almost on a daily basis, as the internet access stops working on both the server and all the clients.

The only way to resume internet access is to restart the firewall service.

Any ideas please anyone?

Post #: 1

Featured Links*

RE: Have to keep restarting Microsoft Firewall service - 21.Aug.2007 8:08:44 AM

elmajdal

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline

Hi,

any webfilter installed ??

what other apps / services u have installed on the ISA Server machine ?

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to xsproltd)

Post #: 2

RE: Have to keep restarting Microsoft Firewall service - 21.Aug.2007 9:19:21 AM

xsproltd

Posts: 10
Joined: 21.Aug.2007
Status: offline

Hi,

Thank you for your reply. There are no third-party filters installed, just the standard ones that came with ISA.

Other apps and services running are:-

Exchange 2003 SP2
IIS (running a .net application)
SQL Server 2005
Active Directory (i know this is not recommended)
File and Print sharing.

(in reply to elmajdal)

Post #: 3

RE: Have to keep restarting Microsoft Firewall service - 21.Aug.2007 11:18:32 AM

elmajdal

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline

quote:

Exchange 2003 SP2
IIS (running a .net application)
SQL Server 2005
Active Directory (i know this is not recommended)
File and Print sharing.

All of the above are not recommended !!

This is not supported , unless it is an SBS !

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to xsproltd)

Post #: 4

RE: Have to keep restarting Microsoft Firewall service - 21.Aug.2007 11:26:28 AM

xsproltd

Posts: 10
Joined: 21.Aug.2007
Status: offline

I appreciate that this is not a recommended configuration. Its a cost association issue. Ideally i would have ISA running on a member server only.

However, i have this setup in other places, and have seen this functioning fine on other sites, with no issues.

Any ideas on what could be causing the internet activity to stop on a daily basis nonetheless?

(in reply to elmajdal)

Post #: 5

RE: Have to keep restarting Microsoft Firewall service - 21.Aug.2007 11:58:36 AM

tshinder

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline

It functions fine until the machine is compromised -- and when it's compromised (and it will be) it won't be the ISA Firewall's fault because this is a supremely unsecure configuration. Not supported and for good reason.

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to xsproltd)

Post #: 6