Every time I see "PMTU discovery" I think of "The Crying Game."
t
----- "I'll see your Llama and up you a Badger." John T
http://www.ISAserver.org
Try installing the RPC fix and maybe enable PMTU discovery.
Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls **Who is John Galt?**
________________________________
From: Jonathon J. Howey [mailto:Jonathon@xxxxxxx] Sent: Friday, January 13, 2006 11:53 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: "Failed Connection Attempt" for SSL-tunnel (443) protocol
http://www.ISAserver.org
The ISA server / domain controller has been up for 2 years, upgraded to SP1 over Christmas holidays. This server with the RPC problems was also setup over the holidays, joined a workgroup first during install, performed Windows Updates, updated to Windows 2k3 SP1, then joined the domain. Didn't notice any RPC problems at all until a program we installed required MAPI and noticed strange Exchange behavior when connecting. Installed the KB897716 late yesterday afternoon, fixed Outlook/Exchange problem, but created a TS RPC Error on logon.
SCW is not installed on either machine. Does that help you more Amy et al, as it sounds like you thought my server having problems was an SBS from your questions.
[Jonathon J. Howey] ________________________________
From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] Sent: January 13, 2006 10:38 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: "Failed Connection Attempt" for SSL-tunnel (443) protocol
http://www.ISAserver.org
Now the truth is coming out. RPC and LDAP can be related problems. Fix RPC and your LDAP problem will probably also go away. Did you use the SBS install routine when setting up this server? Did you run the connect to the Internet wizard when prompted and choose "enable firewall" therein? Or did skip the wizards and configure it from scratch?
Amy
________________________________
From: Jonathon J. Howey [mailto:Jonathon@xxxxxxx] Sent: Friday, January 13, 2006 12:22 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: "Failed Connection Attempt" for SSL-tunnel (443) protocol
http://www.ISAserver.org
To further clarify, I was having RPC errors on this same machine, so I went ahead and installed 897716 as the error matches the error we were
seeing in Exchange, so we installed. Now we've been getting "The
system cannot log you on due to the following error: The RPC server is unavailable" when trying to RDP in as any user (other than Domain Admin), and when I run ISA logging, I noticed LDAP is being refused (also with Kerberos-Sec like I said yesterday, but that was being blocked before).
________________________________
From: Jonathon J. Howey [mailto:Jonathon@xxxxxxx] Sent: January 13, 2006 10:10 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: "Failed Connection Attempt" for SSL-tunnel (443) protocol
http://www.ISAserver.org
Is there any reason why LDAP would be refused now between this machine and my SBS with ISA? This Apps server is part of the Internal network range.
Jonathon J. Howey
KPSA Compliance Management Inc.
P 780.409.5620
F 780.409.5621
D 780.409.5628
C 780.965.8363
Jonathon@xxxxxxx
Guiding the Future of Transportation
www.KPSA.ca <http://www.kpsa.ca/>
________________________________
From: Jonathon J. Howey [mailto:Jonathon@xxxxxxx] Sent: January 12, 2006 1:52 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: "Failed Connection Attempt" for SSL-tunnel (443) protocol
http://www.ISAserver.org
Yah :-( didn't think it was that big of a deal ; sorry
Jonathon J. Howey
KPSA Compliance Management Inc.
P 780.409.5620
F 780.409.5621
D 780.409.5628
C 780.965.8363
Jonathon@xxxxxxx
Guiding the Future of Transportation
www.KPSA.ca <http://www.kpsa.ca/>
________________________________
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: January 12, 2006 1:26 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: "Failed Connection Attempt" for SSL-tunnel (443) protocol
http://www.ISAserver.org
WHOA.
Are you saying this is ISA on SBS?
That's quite different and a "oh by the way, how was the play Mrs. Lincoln" moment :)
Tom
Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ <http://spaces.msn.com/members/drisa/> Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: Jonathon@xxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx