Hi Tom I believe that I do have the necessary hotfixes/rollup patches etc installed. But my main problem is that when my Firewall Service is restarted, my 2 DNS Servers "lose their connection" and thus have to have DNS restarted before they are then able to perform lookups etc. I don't think this is an ISA issue though. Cheers William R. -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: 15 August 2003 07:50 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: DNS Restart After ISA Server Reboot http://www.ISAserver.org Hey guys, If you install the latest rollup hotfix, this problem will disappear completely. It has for me. HTH, Tom Thomas W Shinder <http://www.isaserver.org/shinder> www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: <http://tinyurl.com/1llp> http://tinyurl.com/1llp -----Original Message----- From: William Robertson [mailto:robertson.william@xxxxxxxxxxxxxx] Sent: Thursday, August 14, 2003 1:21 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: DNS Restart After ISA Server Reboot http://www.ISAserver.org Hi Troy I have noticed the exact same problem/scenario but my solution is not as proactive as yours. What I've also found is that even though ISA Services have not been restarted, I will sometimes get a DNS failure. I thus scheduled a VB Script to restart DNS on my DC's once a day, but even that sometimes isn't good enough. Would you mind sharing your "polling script" with the rest of us mortals so that we may also implement a more effective solution? Thanks William R. -----Original Message----- From: Troy Robbins [mailto:trobbins@xxxxxxxxxxxxx] Sent: 14 August 2003 08:10 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: DNS Restart After ISA Server Reboot http://www.ISAserver.org Mark, We encountered a similar problem under the following conditions: - upon reboot of the ISA server - restart of the ISA services - external DNS failure from our ISP After spending time attempting to troubleshoot any issue that was going on with DNS or ISA, the workaround I came up with was to create a script that polls an external FQDN with more than one DNS server, the script then parses the results and counts the DNS servers returned, if the result is not what was expected the script restarts the local DNS service (logs an event) and rechecks the results again. If the script returned bad results the 2nd pass through a notification event is fired off as well (i.e. email, MS Messenger Service, log file and event log). The script keeps a tally of the total failures and will stop after the 3rd attempted restart of the DNS service - notifying us that human intervention is required. We use the script on all of our internal DNS servers (5) and its executed every 4 minutes. On average the DNS service is restarted a couple times every other day, very seldom have we had to intervene - only when perhaps our external DNS servers were having issues. While this obviously doesn't resolve the underlying problem, it's certainly placed a Band-Aid on the issue and allowed us to move on for the time being. If you like I can email the script to you off list. Troy Robbins, CISSP ----- Original Message ----- From: Mark Hopkins <mailto:Mark.Hopkins@xxxxxxxxxxxxxxxxxxxxx> To: [ISAserver.org <mailto:isalist@xxxxxxxxxxxxx> Discussion List] Sent: Thursday, August 14, 2003 12:28 AM Subject: [isalist] RE: DNS Restart After ISA Server Reboot http://www.ISAserver.org I never said that DNS stops. I merely stated that I must "restart" DNS (sometimes) after either restarting ISA services or rebooting the ISA Server server. At present, my setup is as follows: (1) DNS Server on PDC (Active Directory/Windows 2000 Server) (2) ISA Server (member server/Windows 2003 Standard) Integrated Mode, but not array. It seems fairly simple. DNS does not stop internally, but only when attempting to resolve a FQDN outside of the internal network. Thanks for your help John. Mark --------------------------------------------------------------------- Everything in this e-mail and attachments relating to the official business of Columbus Stainless is proprietary to the company. It is confidential, legally privileged and protected by law. Columbus Stainless does not own and endorse any other content. Views and opinions are those of the sender unless clearly stated as being that of Columbus Stainless. The person addressed in the e-mail is the sole authorised recipient. Please notify the sender immediately if it has unintentionally reached you and do not read, disclose or use the content in any way. Whilst all reasonable steps are taken to ensure the accuracy and integrity of information and data transmitted electronically and to preserve the confidentiality thereof, no liability or responsibility whatsoever is accepted if information or data is,for whatever reason, corrupted or does not reach its intended destination. ---------------------------------------------------------------------