[isalist] Re: ISA server problem - connection refused.

• From: "Stuart Tonge" <stuart.tonge@xxxxxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Wed, 19 Apr 2006 14:13:02 +0100

Yes it's paid for.

I didn't deploy it as the front line firewall since this is the first
isa 2004 server I've deployed out of test environments.

I was going to trial it as the primary, but with all the problems it's
caused thus far im not sure I trust it any longer.

When the existing problem is resolved, I will likely trial it.

But first I need to get the web working properly.

 

I will try sniffing the wire and removing the perimeter firewall to see
if that resolves any problems.

 

________________________________

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Thomas W Shinder
Sent: 19 April 2006 14:09
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: ISA server problem - connection refused.

 

But the ISA firewall is surely more secure than what you're using?

 

Why waste the security you paid for (I assume you paid for the ISA
software?)

 

Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/> 
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 

         

        
________________________________


        From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Stuart Tonge
        Sent: Wednesday, April 19, 2006 7:35 AM
        To: isalist@xxxxxxxxxxxxx
        Subject: [isalist] Re: ISA server problem - connection refused.

         

        Hi Amy.

         

        Not connection limits - I've disabled any limits.

        DNS works just fine for everything else, and lookups work in
general. Both simple and recursive.

         

        It's not intended to protect - I have existing hardware
firewalls deployed which do the job just fine.

        All I want it to do is proxy.

         

        If I have time to reconfigure & learn ISA more fully after the
project then I'll reconfigure it. 

        Right now I just want it to not cause me problems.

         

         

        Can you suggest any resolutions to the problem? 

         

        
________________________________


        From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Amy Babinchak
        Sent: 19 April 2006 13:21
        To: isalist@xxxxxxxxxxxxx
        Subject: [isalist] Re: ISA server problem - connection refused.

         

        Might be connection limits or a problem with your DNS or
workstation setup in general. Just from the brief description you gave
of your ISA configuration it sounds like it might not be set up properly
at all. Firewalls don't interfere, they protect.

         

        Amy

         

         

        
________________________________


        From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Stuart Tonge
        Sent: Wednesday, April 19, 2006 7:25 AM
        To: isalist@xxxxxxxxxxxxx
        Subject: [isalist] ISA server problem - connection refused.

         

        Hi all.

         

        I have an ISA server 2004 box deployed as a web proxy.

        I have set an allow any-any rule to stop the firewall
interfering.

        I have my users proxying through this box to the web.

         

        It works 95% of the time. The rest of the time, i get a 10061
connection refused error.

        If i refresh the page, it generally refreshes the first time.

        This happens on many sites & has been seen nmultiple times on
microsoft.com, bbc.co.uk, isaserver.org.

        Sometimes images do not load on a page, but this is fairly rare,
and some of the images may load.

        Some will load, some will not.

         

        I have tried to isolate 'problem sites' but this has not worked
- the error seems totally random.

         

        The only common occurance I have noted is that after one error,
some clients - not all - seem to have trouble

        connecting to any site for the next 30-60 seconds, instead
receiving the error over and over.

        I have only seen this on 2 of 40 clients.

         

        I have tried disabling all web filter add-ins, caching, ip
routing, ip filtering, etc.

        Basically i've tried every button i can find in ISA 2004!
nothing makes the problem better.

        It's also hard to test since it's intermittent.

         

        The ISA server is directly connected to a firewall which filters
traffic, but this device works fine 100% of the time when

        web traffic passed via it instead of ISA.

        ISA is reporting no errors in the console. There are no errors
in the syslogs.

         

        Does anyone have any ideas short of uninstalling ISA & getting a
refund?

         

         

         

        Thanks,

        Stuart Tonge

         

        Pink Fish I.T. LTD

        Network Architect

        stuart.tonge@xxxxxxxxxxxx

        http://www.pink-fish.tv

        01302 365408

         

Other related posts:

• » [isalist] ISA server problem - connection refused.
• » [isalist] Re: ISA server problem - connection refused.
• » [isalist] Re: ISA server problem - connection refused.
• » [isalist] Re: ISA server problem - connection refused.
• » [isalist] Re: ISA server problem - connection refused.
• » [isalist] Re: ISA server problem - connection refused.
• » [isalist] Re: ISA server problem - connection refused.
• » [isalist] Re: ISA server problem - connection refused.
• » [isalist] Re: ISA server problem - connection refused.
• » [isalist] Re: ISA server problem - connection refused.
• » [isalist] Re: ISA server problem - connection refused.
• » [isalist] Re: ISA server problem - connection refused.
• » [isalist] Re: ISA server problem - connection refused.
• » [isalist] Re: ISA server problem - connection refused.

1. Home
2. isalist
3. Archive
4. 04-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---