ISA Server takes a long time to apply changes to the firewall configuration

ISA Server takes a long time to apply changes to the firewall configuration (Full Version)

All Forums >> [ISA 2006 Misc.] >> ISA 2006 Programming

Message

demon_xxi -> ISA Server takes a long time to apply changes to the firewall configuration (7.May2008 5:31:51 AM)
Hi. I'm going to configure ISA through the FPCLib COM objects. But I faced the problem that calling Save method on any object takes a long time. I created a sample just to add one computer to existing computerset and save that set. It tooks about 20 seconds to apply changes. Calling save I do not restart firewall service: var root = new FPCClass(); var array = root.Arrays; var compset = array.RuleElements.ComputerSets.Item("testset"); compset.Computers.Add("testcomp", "192.168.1.5"); compset.Save(false, true); Also I noticed that applying changes in ISA Management console also take a long time. Is there any way to speedup this process because I need to manage a lot of computers in computer sets dynamically "on fly"? Otherwise is there any way to implement some kind of dynamic group. for example use own file to store computers in set and program some code that ISA will use to identify to which set current computer belongs while applying proxy policy rules? Thanks in advance, Sergey.

demon_xxi -> RE: ISA Server takes a long time to apply changes to the firewall configuration (7.May2008 5:45:28 AM)
I found that calling compset.Save(false, false); does everything immediately but in this case fReloadConfiguration =false which leads to rules don not be applied. quote: HRESULT Save( VARIANT_BOOL fResetRequiredServices, VARIANT_BOOL fReloadConfiguration ); fReloadConfiguration [in, optional] Boolean value that indicates whether the call will include synchronous reloading of all the saved configuration changes that can be applied dynamically without restarting services. The default value is VARIANT_TRUE. In Enterprise Edition, this parameter is ignored. I mean If I add server to set and there is a rule for this set to allow access. Added computer still have no access [:(] Why this process is so long? Do I have to implement some magic filter by my own?

Page: [1]