I've just replaced my old ISA2k with a newly configured edge HP DL320 / ISA2k4 firewall appliance.
Though it seems to be working OK, there are strange problems that started once the ISA2k4 was deployed and that I cannot solve yet.
1. E-mail from some domains does not reach the Exchange server, including hotmail and some corporate domains.
2. Users (SNAT clients) are unable to open some websites, including yahoo, hotmail, microsoft, llbean.com, etc. {"Web site found... Waiting for reply..." just hangs}
3. The Avaya phone system keeps rebooting when connected to the internal network.
I have 2 internal DNS servers, no split-DNS, since the internal FQDN (local.domain.com) is different from the external (domain.com). Can it be an issue?
Does anyone have an idea what is going on? I searched through policies and rules, but was unable to trace anything.
Has this kind of issue already been discussed?
Thank you all.
[ October 18, 2005, 04:56 AM: Message edited by: AN ]
Thanks for answering. By the way, thank you for your book. I was using it for the configuration.
When I switch back to the ISA2k member server box, everything seems to be normal.
I suspected the DNS configuration, but I am confused by the fact that just SOME of the sites cannot be opened or SOME of the mail servers cannot communicate with the Exchange.
Also, I just got a "Connection limit exceed error: ISA Server disconnected the following client: 172.16.17.12 because its connection limit was exceeded. For more information about this event, see the Windows event viewer." The 172.16.17.12 is the Exchange server.
On the HP DL320 appliance, in the Event Viewer, I have numerous DCOM events 10016: "The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {BA126AD1-2166-11D1-B1D0-00805FC1270E} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool."
Should I do anything about it?
And the last question. Does your book have anything about QoS and how to prioritize the traffic going through the VPN on the ISA 2k4?