[isapros] Re: A Strange Possibly ISA issue

• From: Jim Harrison <Jim@xxxxxxxxxxxx>
• To: "isapros@xxxxxxxxxxxxx" <isapros@xxxxxxxxxxxxx>
• Date: Thu, 26 Jun 2008 06:52:46 -0700

There might well have been, but as Amy said, all ISA history was lost in the 
"support ignorance" flood.

<challenge>
I think that to answer this problem, I challenge all members of the isapros 
list to keep a copy of isabpa in their favorite diskonkey, use it when the 
opportunity presents and include it when posting to isapros.  If there are NDA 
or security issues preveing your posting this data to the list, you can post it 
to appropriate individuals instead, but the point is; gather one when you have 
the chance to touch an ailing ISA server.  IMNSHO, familiarity with ISABPA 
tools is a requirement of anyone calling themselves an ISA Pro... :-)
</challenge>

This way, when you are forced to call CSS, you can determine some measure of 
the engineer's ISA-awareness when you say "I have an ISABPA Repro package for 
you".  Their initial response will tell you all you need to know about their 
ISA skill set.  Every "real" ISA engineer's training begins and continues with 
the proper and advanced use of ISABPA.  Anyone who tells you that it's not 
relevant to a SBS-based ISA case is in need of "educational opportunities".

Maybe we can start some threads on the various options and how they map to 
certain scenarios..?

Jim

-----Original Message-----
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On 
Behalf Of Thomas W Shinder
Sent: Thursday, June 26, 2008 6:14 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: A Strange Possibly ISA issue

There's got to be something in the ISA firewall's log files that
explains this.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- Microsoft Firewalls (ISA)


> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx
[mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf
> Of Steve Moffat
> Sent: Thursday, June 26, 2008 5:50 AM
> To: ISAPros Mailing List
> Subject: RE: [isapros] Re: A Strange Possibly ISA issue
>
> Yeah, I agree with you there Jimbo....fubarred rule no doubt.
>
>
> S
>
> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx
[mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf
> Of Jim Harrison
> Sent: Wednesday, June 25, 2008 11:18 PM
> To: ISAPros Mailing List
> Subject: [isapros] Re: A Strange Possibly ISA issue
>
> I'm so sorry you had to experience that.
> Few things tweak me harder than the "nuke it!!" method of
troubleshooting.
> If you have the name of the "engineer" that made this suggestion, then
I'll be happy to
> apply some educational assistance.
>
>
> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx
[mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf
> Of Amy Babinchak
> Sent: Wednesday, June 25, 2008 2:05 PM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] Re: A Strange Possibly ISA issue
>
> POP email out. VPN out. For my tests I tried to Telnet to port 25 to
my
> server. Successful from the server. Not successful from the client PC
> and the SMTP rule allows for SMTP out from any internal. The client
> shows in Sessions as all 3 client types: SecureNat, Firewall and Web
> Proxy.
>
> The client PC doesn't ever get anything back. Just withers on the vine
> and Telnet responds that connection timed out. ISA log says the same
> thing.
>
> Just got an update from the client. We brought PSS guy in and the
> suggestion was to remove ISA, configure RRAS and see if the problem
goes
> away. It did. Client PC's are getting email. So tonight ISA will be
> reinstalled and the custom rules re-created manually. As far as I can
> tell something, somewhere in the ISA must have been corrupt.
>
> Before you ask, no SRX number. It was a private help call.
>
> thanks,
>
> Amy Babinchak
>
>
> Harbor Computer Services |(248) 850-8616
>
> Tech Blog http://securesmb.harborcomputerservices.net
> Client Blog http://smalltechnotes.blogspot.com
> Website http://www.harborcomputerservices.net
>
> Buy My House http://tinyurl.com/5gb5n8
>
>
> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx
[mailto:isapros-bounce@xxxxxxxxxxxxx]
> On Behalf Of Jim Harrison
> Sent: Wednesday, June 25, 2008 4:37 PM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] Re: A Strange Possibly ISA issue
>
> I'm not clear; what other protocols are being tested and what is the
> client state for these?
> If it's not a web proxy request, you'll never see a "timeout packet"
> (response) from ISA, since non-HTTP protocols don't generally provide
> for such messaging.
>
>
>
> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx
[mailto:isapros-bounce@xxxxxxxxxxxxx]
> On Behalf Of Amy Babinchak
> Sent: Wednesday, June 25, 2008 10:43 AM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] A Strange Possibly ISA issue
>
> I was on a call with a guy in Wyoming last night looking to see if ISA
> could be the source of his problem. I concluded that it most likely
> wasn't but couldn't be 100% certain.
>
> Here's the situation:
>
> ISA 2004 SP3. SBS with Windows SP2 installed. Client computers are all
> running XP SP3, the Firewall client and are all members of the domain.
> Checked for the chimney off-loading stuff on the server and it is all
> set correctly. Ran the BPA and it comes back clean.
>
> Client computers are unable to access any service on the Internet
except
> http and https. The request for anything else results in a timeout
> packet on ISA from the Internet access rule. The server does not have
> this problem. The server can access any service on the Internet.
>
> Using NetMon I saw that the request from the client made it to the
> external NIC on the server. The name of the service resolved correctly
> in DNS. And then no response...it times out.
>
> Has me completely stumped. But since I didn't see anything wrong with
> ISA, I decided it wasn't an ISA issue. What do you think?
>
> thanks,
>
> Amy Babinchak
>
>
> Harbor Computer Services |(248) 850-8616
>
> Tech Blog http://securesmb.harborcomputerservices.net
> Client Blog http://smalltechnotes.blogspot.com
> Website http://www.harborcomputerservices.net
>
> Buy My House http://tinyurl.com/5gb5n8
>
>
>
>
>
>
>
>
>
>
>
>

• Follow-Ups:
  • [isapros] Re: A Strange Possibly ISA issue
    • From: Amy Babinchak
  • [isapros] Re: A Strange Possibly ISA issue
    • From: Thor (Hammer of God)

• References:
  • [isapros] Re: A Strange Possibly ISA issue
    • From: Thomas W Shinder

Other related posts:

• » [isapros] A Strange Possibly ISA issue
• » [isapros] Re: A Strange Possibly ISA issue
• » [isapros] Re: A Strange Possibly ISA issue
• » [isapros] Re: A Strange Possibly ISA issue
• » [isapros] Re: A Strange Possibly ISA issue
• » [isapros] Re: A Strange Possibly ISA issue
• » [isapros] Re: A Strange Possibly ISA issue
• » [isapros] Re: A Strange Possibly ISA issue
• » [isapros] Re: A Strange Possibly ISA issue
• » [isapros] Re: A Strange Possibly ISA issue
• » [isapros] Re: A Strange Possibly ISA issue

1. Home
2. isapros
3. Archive
4. 06-2008

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---