RE: ISA 2004 firewall won't start anymore

• From: "Bunting, Jeff" <BUNTING@xxxxxxxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 27 Oct 2005 12:16:45 -0400

I only have the one web listener for OWA left which I tried  deleting and
recreating with no success.  I get the event log errors whether I have any
listneners created or not.

I did revoke a certificate that I didn't need (or perhaps *thought* I didn't
need) on the CA.  It didn't have the ISA server name in it.  It wouldn't let
me unrevoke it to test because I didn't put it on "certificate hold".

I tried creating a new certificate for the ISA server and adding it to the
store, but it didn't fix the problem.

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Thursday, October 27, 2005 11:45 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 firewall won't start anymore

http://www.ISAserver.org

Make sure that *all* web listeners with SSL enabled have valid certificates.
99.444% of the time, someone either revoked or removed a certificate without
updating ISA.

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 
-----Original Message-----
From: Bunting, Jeff [mailto:BUNTING@xxxxxxxxxxxx]
Sent: Thursday, October 27, 2005 07:26
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 firewall won't start anymore

http://www.ISAserver.org

I must confess, I'm not sure.  In hindsight, I wish I'd made notes of
exactly what I did when, but I didn't think I did anything worth noting
while I was doing it... ;-)

I did have a couple of web listeners I deleted that I wasn't using, but I
didn't think that should cause this error.

I do have a certificate from my domain CA in the cert store and one for the
web listener.

I could wipe the box and reinstall since I don't have it in production, but
I'd like to know what is wrong to better understand how all of this works.
I haven't messed with this stuff since Proxy 2.0; things have changed quite
a bit.

Jeff

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Thursday, October 27, 2005 10:12 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 firewall won't start anymore

http://www.ISAserver.org

Wow Jeff. That's a good one. How'd you do that?

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**

 

> -----Original Message-----
> From: Bunting, Jeff [mailto:BUNTING@xxxxxxxxxxxx]
> Sent: Thursday, October 27, 2005 9:06 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] ISA 2004 firewall won't start anymore
> 
> http://www.ISAserver.org
> 
> Yesterday I finally got OWA publishing through ISA and immediately 
> managed to break it somehow. After restarting ths ISA services I got 
> these errors in the event log
> 
> 14177
> Some certificates cannot be initialized (error code -2146885628). The 
> Web Proxy filter could not initialize. Check that all certificates 
> used by the Web Proxy filter are valid.
> 
> 14060
> Cannot load an application filter Web Proxy Filter 
> ({4CB7513E-220E-4C20-815A-B67BAA295FF4}). FilterInit failed with code 
> 0x80092004. To attempt to activate this application filter again, stop

> and restart the Firewall service.
> 14001
> 
> Firewall Service failed to initialize. Previous event log entries 
> might help determine the proper action.
> 
> Eventid.net didn't have anything useful, and the only reference I 
> found at 
> http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=19;
> t=000394
> had no resolution. I have not done an export or anything. 
> 
> How can I tell which certificates are used by the web proxy filter as 
> the message in 14177 suggests?
> 
> Jeff
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:

> tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
bunting@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
bunting@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore
• » RE: ISA 2004 firewall won't start anymore

1. Home
2. isalist
3. Archive
4. 10-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---