DNS going down would have the effect of taking down http, as well as SMTP (and some others I am sure) one thing I found that I thought was very intersting was that from the outside, I could not do an NSLOOKUP and a NETSTAT on the ISA server showed that there was in fact no connection to the DNS server. However, if I telnet to my external IP Port 53, then NETSTAT shows that I have made a connection to my DNS server =( Thats kinda why I think it has something to do with UDP.. but Im not as up to speed as Id like to be on how DNS works wierd! I saw some news articles that said disabling/enabling the DNS publishing rule may correct the problem. (rather than rebooting the server or stop/start the firewall service...((both a pain in the arse)) but I haven't had a chance to see if that actually works. Let me know if you find/apply that patch, and if it does anything -Jay Subject: [isalist] RE: Server published ports stop allowing connections http://www.ISAserver.org Jay, I am not really sure what we lost, I got a call this AM to say the outside world couldn't access our websites. As the DNS is also published through the firewall, it could be either the DNS or the HTTP connection we lost. A simple restart of the services and all was working. All I know is that we did not receive any email from midnight to after I restarted the services. I will look into this hotfix tomorrow (I'm in the UK and it's home time). I thought I had installed all pre sp1 hotfixes, so I may have a copy here somewhere. Patrick -----Original Message----- From: Jay J. Mobley [mailto:jmobley@xxxxxxxxxx] Sent: 12 February 2002 18:21 To: [ISAserver.org Discussion List] Subject: [isalist] RE: Server published ports stop allowing connections http://www.ISAserver.org Ayah... I dont know where I would even find that information if its not still published on Microsofts site. I think you're prolly gonna find that they no longer publish hot-fixes in leiu of the SP. I found a Q article that spoke directly to the issue (specificly DNS) yesterday that pointed to the SP Sorry. how often are you getting this.. I kinda think it may be a UDP issue (but that would not fit for u since you said you loose SMTP and other things too ?) -Jay -----Original Message----- From: patricks@xxxxxxxxxxxxxxxxxx [mailto:patricks@xxxxxxxxxxxxxxxxxx] Sent: Tuesday, February 12, 2002 10:17 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Server published ports stop allowing connections http://www.ISAserver.org Jay, I have applied sp1, what was the pre sp1 hotfix ? I think I will re apply it to my system. I do not want to uninstall sp1 unless I have to, this is a live system and I really do not want to break it any more than it is. Patrick -----Original Message----- From: Jay J. Mobley [mailto:jmobley@xxxxxxxxxx] Sent: 12 February 2002 18:12 To: [ISAserver.org Discussion List] Subject: [isalist] RE: Server published ports stop allowing connections http://www.ISAserver.org I had this problem too pre-SP1 there was a patch then that fixed it and it was supposedly in SP1 ... I applied SP1 about a month ago and yesterday I began to see the same problems begin again. I know.. not much in the way of help, but hopefully you can do something with the info -Jay -----Original Message----- From: patricks@xxxxxxxxxxxxxxxxxx [mailto:patricks@xxxxxxxxxxxxxxxxxx] Sent: Tuesday, February 12, 2002 1:43 AM To: [ISAserver.org Discussion List] Subject: [isalist] Server published ports stop allowing connections http://www.ISAserver.org I seem to have a bit of a stability problem with my ISA Server. Every month or so, my ISA seems to stop allowing connections to certain published services (mail, dns, http etc). Proxy browsing out of our firewall works fine, but anyone accessing services from outside the firewall are refused. I cannot find any patterns. Restarting the services seems to fix the problem. Can anyone give me any pointers on how to troubleshoot this. I would also like to try and setup an alert for when this happens again. As this would run behind the firewall, I am not sure what I can check to see if this problem is happening. Has anyone got any ideas ? Patrick ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jmobley@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: patricks@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jmobley@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: patricks@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jmobley@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')