>Can you suggest any resolutions to the problem? Just run ethereal between your firewall and ISA and catch RST connections coming from web server port to ISA interface. If you will find them, problem lays in your "firewall" handling "difference" between getting all http connections from ISA compared to ISA-less network. That's the first step you have to do before claiming that ISA is doing something wrong. David Farinic - Developer GFI Software - www.gfi.com <http://www.gfi.com/> ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Stuart Tonge Sent: Wednesday, April 19, 2006 2:35 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: ISA server problem - connection refused. Hi Amy. Not connection limits - I've disabled any limits. DNS works just fine for everything else, and lookups work in general. Both simple and recursive. It's not intended to protect - I have existing hardware firewalls deployed which do the job just fine. All I want it to do is proxy. If I have time to reconfigure & learn ISA more fully after the project then I'll reconfigure it. Right now I just want it to not cause me problems. Can you suggest any resolutions to the problem? ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Amy Babinchak Sent: 19 April 2006 13:21 To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: ISA server problem - connection refused. Might be connection limits or a problem with your DNS or workstation setup in general. Just from the brief description you gave of your ISA configuration it sounds like it might not be set up properly at all. Firewalls don't interfere, they protect. Amy ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Stuart Tonge Sent: Wednesday, April 19, 2006 7:25 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] ISA server problem - connection refused. Hi all. I have an ISA server 2004 box deployed as a web proxy. I have set an allow any-any rule to stop the firewall interfering. I have my users proxying through this box to the web. It works 95% of the time. The rest of the time, i get a 10061 connection refused error. If i refresh the page, it generally refreshes the first time. This happens on many sites & has been seen nmultiple times on microsoft.com, bbc.co.uk, isaserver.org. Sometimes images do not load on a page, but this is fairly rare, and some of the images may load. Some will load, some will not. I have tried to isolate 'problem sites' but this has not worked - the error seems totally random. The only common occurance I have noted is that after one error, some clients - not all - seem to have trouble connecting to any site for the next 30-60 seconds, instead receiving the error over and over. I have only seen this on 2 of 40 clients. I have tried disabling all web filter add-ins, caching, ip routing, ip filtering, etc. Basically i've tried every button i can find in ISA 2004! nothing makes the problem better. It's also hard to test since it's intermittent. The ISA server is directly connected to a firewall which filters traffic, but this device works fine 100% of the time when web traffic passed via it instead of ISA. ISA is reporting no errors in the console. There are no errors in the syslogs. Does anyone have any ideas short of uninstalling ISA & getting a refund? Thanks, Stuart Tonge Pink Fish I.T. LTD Network Architect stuart.tonge@xxxxxxxxxxxx http://www.pink-fish.tv 01302 365408 This mail was checked for viruses by GFI MailSecurity. GFI also develops anti-spam software (GFI MailEssentials), a fax server (GFI FAXmaker), and network security and management software (GFI LANguard) - www.gfi.com