[isalist] Re: ISA 2006 Firewall Service not starting

• From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Thu, 5 Apr 2007 10:16:30 -0700

http://www.ISAserver.org
-------------------------------------------------------

That is a certificate-specific error.
What does ISABPA have to say about them?
We have cert-specific validations in that kewl tewl...

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Rob Moore
Sent: Thursday, April 05, 2007 9:33 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] ISA 2006 Firewall Service not starting

I'm sending this again, because it didn't seem to go through the first
time. I sent it a couple of hours ago, but I haven't seen it come out on
the list yet. All I've gotten were two "Out of Office" messages.

Sorry if it ends up getting posted twice.

Rob

_____________________________________________
From: Rob Moore
Sent: Thursday, April 05, 2007 10:05 AM
To: 'isalist@xxxxxxxxxxxxx'
Subject: ISA 2006 Firewall Service not starting

Hello list-

Yesterday I exported the settings from my ISA 2004 Standard (on Windows
2003 SP1) server and imported them on my new ISA 2006 Standard (on
Windows 2003 SP2) server. Following the MS guide for this migration
(http://www.microsoft.com/technet/isa/2006/upgrade_guide_se.mspx#Migrati
on
<http://www.microsoft.com/technet/isa/2006/upgrade_guide_se.mspx#Migrati
on> ) I also imported the SSL certificate for publishing my OWA site,
installed a new certificate from my internal CA for VPN encryption, and
created the user account for my L2TP site-to-site connection. This
morning I tried to swap the two boxes. But the Microsoft Firewall
service wouldn't start on the ISA 2006 box. I got this error: "The
Microsoft Firewall service terminated with service-specific error
2148081668 (0x80092004)".

When I  take the server out of production and boot it up with only the
LAN cable attached, the Firewall service starts.

I've done a bit of digging around and found a year-and-a-half old
conversation between Tom and someone talking about certificates needing
to be installed in the Trusted Root Certification Authorities. I looked
there, and my new server doesn't seem to have anything there from
Comodo-the supplier of our OWA certificate-whereas my old server does.
Could that be causing the firewall service not to start when the WAN
cable is connected to the world? Is there another path I need to check
out?

Thanks,

Rob

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Rob Moore

Network Manager

215-241-7870

Help Desk: 800-500-AFSC

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

• Follow-Ups:
  • [isalist] Re: ISA 2006 Firewall Service not starting
    • From: Rob Moore

• References:
  • [isalist] ISA 2006 Firewall Service not starting
    • From: Rob Moore

Other related posts:

• » [isalist] ISA 2006 Firewall Service not starting
• » [isalist] ISA 2006 Firewall Service not starting
• » [isalist] Re: ISA 2006 Firewall Service not starting
• » [isalist] Re: ISA 2006 Firewall Service not starting

1. Home
2. isalist
3. Archive
4. 04-2007

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---