I'm sending this again, because it didn't seem to go through the first time. I sent it a couple of hours ago, but I haven't seen it come out on the list yet. All I've gotten were two "Out of Office" messages. Sorry if it ends up getting posted twice. Rob _____________________________________________ From: Rob Moore Sent: Thursday, April 05, 2007 10:05 AM To: 'isalist@xxxxxxxxxxxxx' Subject: ISA 2006 Firewall Service not starting Hello list- Yesterday I exported the settings from my ISA 2004 Standard (on Windows 2003 SP1) server and imported them on my new ISA 2006 Standard (on Windows 2003 SP2) server. Following the MS guide for this migration (http://www.microsoft.com/technet/isa/2006/upgrade_guide_se.mspx#Migrati on) I also imported the SSL certificate for publishing my OWA site, installed a new certificate from my internal CA for VPN encryption, and created the user account for my L2TP site-to-site connection. This morning I tried to swap the two boxes. But the Microsoft Firewall service wouldn't start on the ISA 2006 box. I got this error: "The Microsoft Firewall service terminated with service-specific error 2148081668 (0x80092004)". When I take the server out of production and boot it up with only the LAN cable attached, the Firewall service starts. I've done a bit of digging around and found a year-and-a-half old conversation between Tom and someone talking about certificates needing to be installed in the Trusted Root Certification Authorities. I looked there, and my new server doesn't seem to have anything there from Comodo-the supplier of our OWA certificate-whereas my old server does. Could that be causing the firewall service not to start when the WAN cable is connected to the world? Is there another path I need to check out? Thanks, Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Rob Moore Network Manager 215-241-7870 Help Desk: 800-500-AFSC