[isapros] Re: Binding Issue
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>
- Date: Tue, 28 Nov 2006 12:18:29 -0800
Common ISA resource conflict combinations:
- NAT-based Server publishing rules & web listeners operating
on the same IP/port combination
- Any publishing listener and a non-ISA application (IIS, for
instance) configured for the same IP/port combination
- Web proxy and auto-discovery listeners configured for the
port
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Thomas W Shinder
Sent: Tuesday, November 28, 2006 10:09 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Binding Issue
Hi Amy,
I'd check the IIS configuration first and check the bindings for the
sites for 80 and 443.
I assume that they should only be bound to the Internal interface, is
that right? Otherwise, you can't have any Web listeners if you only have
a single IP address.
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- Microsoft Firewalls (ISA)
________________________________
From: isapros-bounce@xxxxxxxxxxxxx
[mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Amy Babinchak
Sent: Tuesday, November 28, 2006 11:58 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Binding Issue
I've just had an SBS ISA install freak out. It's unable to bind
80 and 443 to the external NIC. Now, they've got a vendor in there for a
LOB app and he's been known to "do stuff" like delete the sbsflt asapi
filter because he didn't need it. It was he that called and said "none
of the website are working over there". Great, that the same message he
left me last time when he deleted files on me. Sorry, ranting...
The point is that I'm getting a binding error on the external
NIC. Internally websites are working for the most part. The sharepoint
site is not working this may be related but generates a simple site not
ready try again later error message. All other sites are working if you
access them from the inside. OWA and RWW can't be accessed from the
outside. I've not had to troubleshoot binding problems before. How
should I go about this? Here's what I've got for log and events as a
starting point.
ISA log, when I attempt to view a website from outside the
network.
Original Client IP Client Agent
Authenticated Client Service Server Name Referring Server
Destination Host Name Transport MIME Type
Object Source Source Proxy Destination Proxy
Bidirectional Client Host Name Filter
Information Network Interface Raw IP Header Raw
Payload Source Port Processing Time
Bytes Sent Bytes Received Result Code Cache Information
Log Record Type Destination IP Destination Port
Protocol Action Rule Client IP
Destination Network Client Username Source
Network HTTP Status Code Error Information
HTTP Method URL Log Time
68.41.152.252
SBS2003 - TCP -
No -
4274 0 0 0 0xc004000d
FWX_E_POLICY_RULES_DENIED 0x0 Firewall
70.90.38.29 80 HTTP Denied Connection
Default rule 68.41.152.252 Local Host
External 0x0 - -
11/28/2006 12:40:41 PM
Alerts
Alert Information
Description: The Web Proxy filter failed to bind its socket to
70.90.38.29 port 80. This may have been caused by another service that
is already using the same port or by a network adapter that is not
functional. To resolve this issue, restart the Microsoft Firewall
service. The error code specified in the data area of the event
properties indicates the cause of the failure.
The failure is due to error: 0x8007271d
<br>The Web Proxy filter failed to bind its socket to
70.90.38.29 port 443. This may have been caused by another service that
is already using the same port or by a network adapter that is not
functional. To resolve this issue, restart the Microsoft Firewall
service. The error code specified in the data area of the event
properties indicates the cause of the failure.
The failure is due to error: 0x8007271d
Event Viewer
14148
Source: Microsoft ISA Server Web Proxy
Amy Babinchak
All mail to and from this domain is GFI-scanned.
Other related posts:
