[isapros] Re: A Strange Possibly ISA issue

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: <isapros@xxxxxxxxxxxxx>
  • Date: Thu, 26 Jun 2008 08:13:54 -0500

There's got to be something in the ISA firewall's log files that
explains this.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- Microsoft Firewalls (ISA)


> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat
> Sent: Thursday, June 26, 2008 5:50 AM
> To: ISAPros Mailing List
> Subject: RE: [isapros] Re: A Strange Possibly ISA issue
> 
> Yeah, I agree with you there Jimbo....fubarred rule no doubt.
> 
> 
> S
> 
> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison
> Sent: Wednesday, June 25, 2008 11:18 PM
> To: ISAPros Mailing List
> Subject: [isapros] Re: A Strange Possibly ISA issue
> 
> I'm so sorry you had to experience that.
> Few things tweak me harder than the "nuke it!!" method of troubleshooting.
> If you have the name of the "engineer" that made this suggestion, then I'll be happy to
> apply some educational assistance.
> 
> 
> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Amy Babinchak
> Sent: Wednesday, June 25, 2008 2:05 PM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] Re: A Strange Possibly ISA issue
> 
> POP email out. VPN out. For my tests I tried to Telnet to port 25 to my
> server. Successful from the server. Not successful from the client PC
> and the SMTP rule allows for SMTP out from any internal. The client
> shows in Sessions as all 3 client types: SecureNat, Firewall and Web
> Proxy.
> 
> The client PC doesn't ever get anything back. Just withers on the vine
> and Telnet responds that connection timed out. ISA log says the same
> thing.
> 
> Just got an update from the client. We brought PSS guy in and the
> suggestion was to remove ISA, configure RRAS and see if the problem goes
> away. It did. Client PC's are getting email. So tonight ISA will be
> reinstalled and the custom rules re-created manually. As far as I can
> tell something, somewhere in the ISA must have been corrupt.
> 
> Before you ask, no SRX number. It was a private help call.
> 
> thanks,
> 
> Amy Babinchak
> 
> 
> Harbor Computer Services |(248) 850-8616
> 
> Tech Blog http://securesmb.harborcomputerservices.net
> Client Blog http://smalltechnotes.blogspot.com
> Website http://www.harborcomputerservices.net
> 
> Buy My House http://tinyurl.com/5gb5n8
> 
> 
> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison
> Sent: Wednesday, June 25, 2008 4:37 PM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] Re: A Strange Possibly ISA issue
> 
> I'm not clear; what other protocols are being tested and what is the
> client state for these?
> If it's not a web proxy request, you'll never see a "timeout packet"
> (response) from ISA, since non-HTTP protocols don't generally provide
> for such messaging.
> 
> 
> 
> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Amy Babinchak
> Sent: Wednesday, June 25, 2008 10:43 AM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] A Strange Possibly ISA issue
> 
> I was on a call with a guy in Wyoming last night looking to see if ISA
> could be the source of his problem. I concluded that it most likely
> wasn't but couldn't be 100% certain.
> 
> Here's the situation:
> 
> ISA 2004 SP3. SBS with Windows SP2 installed. Client computers are all
> running XP SP3, the Firewall client and are all members of the domain.
> Checked for the chimney off-loading stuff on the server and it is all
> set correctly. Ran the BPA and it comes back clean.
> 
> Client computers are unable to access any service on the Internet except
> http and https. The request for anything else results in a timeout
> packet on ISA from the Internet access rule. The server does not have
> this problem. The server can access any service on the Internet.
> 
> Using NetMon I saw that the request from the client made it to the
> external NIC on the server. The name of the service resolved correctly
> in DNS. And then no response...it times out.
> 
> Has me completely stumped. But since I didn't see anything wrong with
> ISA, I decided it wasn't an ISA issue. What do you think?
> 
> thanks,
> 
> Amy Babinchak
> 
> 
> Harbor Computer Services |(248) 850-8616
> 
> Tech Blog http://securesmb.harborcomputerservices.net
> Client Blog http://smalltechnotes.blogspot.com
> Website http://www.harborcomputerservices.net
> 
> Buy My House http://tinyurl.com/5gb5n8
> 