RE: Server cant be pinged SOLVED
- From: "Young, Gerald G" <Gerald.Young@xxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 27 Jan 2006 14:44:42 -0600
You might want to check for morphed policy objects if there is more than one DC
in the environment. That can happen when Sysvol directories and files have
been replicated to other servers and are exact copies of each but FRS can't
tell which is the most recent. When that happens, you end up with duplicate
directories which can cause these kinds of problems.
Cordially yours,
Jerry G. Young II
MCSE (4.0/W2K)
Atlanta EES Implementation Team Lead
HHS Engineering
Unisys
11493 Sunset Hills Rd.
Reston, VA 20190
Office: 703-579-2727
Cell: 703-625-1468
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you received
this in error, please contact the sender and delete the e-mail and its
attachments from all computers.
________________________________
From: Tiago de Aviz [mailto:Tiago@xxxxxxxxxxxxxxx]
Sent: Sat 28/01/2006 1:23 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Server cant be pinged SOLVED
http://www.ISAserver.org
LOL!!! Carlton Draught for everyone!!!
On my customer, he used an old HP Netserver LC3 as his ISA server. I really
don't know how that policy got messed up, but I had to set it on the DC so it
would be applied on the ISA Box. So I created an OU with just ISA on it,
created the GPO setting those two users on Generate Security Audits and it all
worked again.
I can't undestand how the whole domain lost that policy.
Tiago de Aviz
SoftSell - Curitiba
(41) 3340-2363
www.softsell.com.br
Esta mensagem, incluindo seus anexos, tem caráter confidencial e seu conteúdo é
restrito ao destinatário da mensagem. Caso você tenha recebido esta mensagem
por engano, queira por favor retorná-la ao destinatário e apagá-la de seus
arquivos. Qualquer uso não autorizado, replicação ou disseminação desta
mensagem ou parte dela é expressamente proibido. A SoftSell não é responsável
pelo conteúdo ou a veracidade desta informação.
>>> tshinder@xxxxxxxxxxx 27/1/2006 00:02 >>>
http://www.ISAserver.org
Wow!
Beers all around for Tiago!
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**
> -----Original Message-----
> From: Michael Ross [mailto:mross@xxxxxxxxxxx] <mailto:mross@xxxxxxxxxxx%5d>
> Sent: Thursday, January 26, 2006 6:31 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Server cant be pinged SOLVED
>
> http://www.ISAserver.org
>
> BINGO
>
> Looks like I had to open that policy, make sure it was right,
> then close it.
> Now its working!!!!!!
>
> -----Original Message-----
> From: Tiago de Aviz [mailto:Tiago@xxxxxxxxxxxxxxx]
> <mailto:Tiago@xxxxxxxxxxxxxxx%5d>
> Sent: Thursday, January 26, 2006 6:07 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Server cant be pinged
>
> http://www.ISAserver.org
>
> Same Behavior that I saw on a customer of mine.
>
> The firewall service wouldn't go up and as Jim stated a long
> time ago, ISA 2004 will enter a "Network Brick" mode, that
> it'll be able to access anything, but anything won't be able
> to access ISA.
>
> I had that issue back some time ago when an specific GPO
> change made my customer's ISA stop starting...
>
> Together with Microsoft's folks, we diagnosed that there's a
> policy locally on your ISA Box named "Generate Security
> audits", and in that policy you must have two accounts listed:
>
> NETWORK SERVICE
> LOCAL SERVICE
>
> It's just a tip of what may be happening. But by the symptoms
> you described, either:
>
> -You have a rule configuration problem
> -ISA isn't loading its own rules
> -ISA installation gone FUBAR for whatever reason -Conflict
> with another firewall installed (E.G.: Trend or McAffee ones
> that go up together with the AV)
>
>
>
> Tiago de Aviz
> SoftSell - Curitiba
> (41) 3340-2363
> www.softsell.com.br
>
> Esta mensagem, incluindo seus anexos, tem caráter
> confidencial e seu conteúdo é restrito ao destinatário da
> mensagem. Caso você tenha recebido esta mensagem por engano,
> queira por favor retorná-la ao destinatário e apagá-la de
> seus arquivos. Qualquer uso não autorizado, replicação ou
> disseminação desta mensagem ou parte dela é expressamente
> proibido. A SoftSell não é responsável pelo conteúdo ou a
> veracidade desta informação.
>
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg@xxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gerald.young@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
