Re: ISA Event
From: Chad A. Gross [SBS Community Member] (chad.gross_at_laytonflower.nospam.com)
Date: 10/05/04
- Previous message: David F: "POP3 trouble in Exchange with roaming profile"
- In reply to: Jack: "Re: ISA Event"
- Next in thread: Jack: "Re: ISA Event"
- Reply: Jack: "Re: ISA Event"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 4 Oct 2004 23:07:07 -0500
Well Jack,
I haven't seen this happen before - as I'm sure you know, most of the stuff
out there indicates socket pooling, but since that has been tried, it's
obviously not it. However, I did find one obscure reference that said
applying ISA SP1 resolved the issue. So it's worth asking - is this SBS
up-to-date on patches? (Currently ISA should be at SP2)
-- Chad A. Gross - SBS MVP SBS ROCKS! www.msmvps.com/cgross www.gosbs.org Jack wrote: > Hi Chad, > The previous message was more a shot at SuperGrumby. > Here is the message in the event viewer. > The event is 14148: > > Web Proxy service failed to bind its socket to 192.168.4.9 port 443. > This could be caused by another service that is already using the > same port or by a network interface card that is not functional. The > error code specified in the Data area of the event properties > indicates the cause of the failure. For more information about this > event, see ISA Server Help. > > > > I did go to eventid.net and the articles i read said either disable > socketpooling which i did or change the port on the website. To use > https in isa you need a server publishing rule. The issue is if i > change the port in iis then i still have to make a new publishing > rule in ISA reflecting the new port. I created a protocol rule with > the new port eg: i replaced 443 with 4433 but i still got the error > as iis and isa are listeneng on the same port. Disableing > socketpooling works fine on port 80 but i want to use SSL on 443. > It is really frustrating IIS and ISA together on sbs. > Cheers > Jack. > > "Chad A. Gross [SBS Community Member]" > <chad.gross@laytonflower.nospam.com> wrote in message > news:#mtgJ9nqEHA.1952@TK2MSFTNGP12.phx.gbl... >> Nice try, but I'm not going to bite on that one :^) >> >> What is the exact error you're getting in the event viewer? Have you >> checked it against eventid.net? What 3rd party apps are running on >> this box (if any). Besides this web site you're working with here, >> has anything else been done to IIS? >> >> -- >> >> Chad A. Gross - SBS MVP >> SBS ROCKS! >> >> www.msmvps.com/cgross >> www.gosbs.org >> >> >> Jack wrote: >>> The fix you reckon works didn't. i still get the same message in the >>> event viewer. I am not bothering with sbs2k i am installing 2003 at >>> least i can get it to work ok. >>> It is funny how MVP's put down MCSE's when MVP isn't even a >>> certification. It is really funny you can say we MVP's fix up >>> problems MCSE did, you must be mental. Why don't you people go and >>> pay some money and get a proper certification against your name? I >>> have noticed all you guys do is go to the knowledge base or paste a >>> link to the knowledge base, well to pass an exam you need to know >>> how >>> to fix and troubleshoot without having to use the ms website. >>> Jack. >>> >>> Jack. >>> >>> "Chad A. Gross [SBS Community Member]" >>> <chad.gross@laytonflower.nospam.com> wrote in message >>> news:eCq3uHJpEHA.3592@TK2MSFTNGP09.phx.gbl... >>>> LOL . . . Mick, it's so nice to see that your penchant for >>>> subtlety hasn't changed . . . ;^) >>>> >>>> Jack - for the record, he is right. The Configure IIS task on the >>>> To Do List will disable socket pooling, and when you run the ICW >>>> you have the option to publish your website, which will create the >>>> necessary web publishing rule within ISA. >>>> >>>> -- >>>> >>>> Chad A. Gross - SBS MVP >>>> SBS ROCKS! >>>> >>>> www.msmvps.com/cgross >>>> www.gosbs.org >>>> >>>> >>>> SuperGumby [SBS MVP] wrote: >>>>> tickles my fancy that does. >>>>> >>>>> The man who gives the right answer is lambasted while the man >>>>> giving the wrong one is thanked. >>>>> >>>>> "Jack" <jack30@hotmail.com> wrote in message >>>>> news:#q9twSHpEHA.896@TK2MSFTNGP12.phx.gbl... >>>>>> Thanks Chad >>>>>> Thats the answer i was after and all i wanted from the start. >>>>>> I wasn't having a go at dudes that use sbs i was having a go at >>>>>> microsoft as in all my courses and tests there is no sbs >>>>>> questions they don't teach you about how to run sbs server >>>>>> studying mcse. I realised it was different unlike some people i >>>>>> know that only use enterprise and have egos thinking they can >>>>>> fix all ms products I >>>>>> came here so I don't stuff the sbs server up eg: I have never >>>>>> used >>>>>> a domain controller that pops mail i am used to mail servers so >>>>>> that >>>>>> was an eye opener as exchange enterprise doesn't come with any >>>>>> pop connector. >>>>>> But the good thing is now i will know both worlds even though i >>>>>> am not used to running so many wizards i will learn them so >>>>>> thanks again. >>>>>> Cheers >>>>>> Jack >>>>>> "Chad A. Gross [SBS Community Member]" >>>>>> <chad.gross@laytonflower.nospam.com> wrote in message >>>>>> news:ugxRLqDpEHA.648@tk2msftngp13.phx.gbl... >>>>>>> Jack - >>>>>>> >>>>>>> It sounds like you're trying to bind an IIS website to port 443 >>>>>>> on your external interface. This isn't going to happen because >>>>>>> the >>>>>>> ISA web listeners are bound to 80 & 443 on your external >>>>>>> interface. What you want to do is create a web publishing rule >>>>>>> in ISA. Open >>>>>>> ISA Management, expand Servers & Arrays | <servername> | >>>>>>> Publishing >>>>>>>> Web Publing Rules. >>>>> Click >>>>>>> Action | New | Rule. Follow the wizard to create a new web >>>>>>> publishing rule to publish your web site. >>>>>>> >>>>>>> The reason you want to do it this way (instead of directly >>>>>>> binding the website to the external interface) is to take >>>>>>> advantage of the application-level filtering that ISA gives you. >>>>>>> >>>>>>> As for the wizards, they're there so we can easily & quickly fix >>>>>>> an SBS and get it to a recommended configuration after an >>>>>>> Enterprise >>>>>>> MCSE screws it up . . . ;^) That is nothing against you >>>>>>> personally - most smallbiz IT consultants would have a hard time >>>>>>> adjusting to an enterprise deployment. The big difference is >>>>>>> that >>>>>>> we know we'd have to learn new things to fit into that >>>>>>> environment. All to often, the enterprise level tech assumes >>>>>>> that SBS is just >>>>>>> these 4 products installed on one box. What they overlook is >>>>>>> that SBS is much more than the sum of it's parts, and the fact >>>>>>> that we have IIS, Exchange & ISA on our one & only DC means >>>>>>> that we do things slightly differently. More often than not, >>>>>>> they don't respect that they may have to learn something to get >>>>>>> this box to sing. All of us have our own real-world >>>>>>> experiences of cleaning >>>>>>> up after the enterprise MCSE who tried to set up SBS . . . :^) >>>>>>> >>>>>>> As for the security - we're all aware that SBS breaks MS' own >>>>>>> rules regarding ISA - and we'd love to be able to pull that off >>>>>>> and put >>>>>>> in on a separate server. However, our threat vectors down here >>>>>>> are slightly different that the enterprise. Our main threat >>>>>>> isn't the fact that our ISA is on our DC - no, our main threat >>>>>>> is our >>>>>>> desktops, and poorly written smallbiz apps (QuickBooks) that >>>>>>> require local Administrator rights, etc. >>>>>>> >>>>>>> Back to the wizards - you do realize that the wizards write log >>>>>>> files that tell you what they did? >>>>>>> >>>>>>> -- >>>>>>> >>>>>>> Chad A. Gross - SBS MVP >>>>>>> SBS ROCKS! >>>>>>> >>>>>>> www.msmvps.com/cgross >>>>>>> www.gosbs.org >>>>>>> >>>>>>> >>>>>>> Jack wrote: >>>>>>>> Mate, just face the fact that you don't know how to fix my >>>>>>>> problem. I don't know by what you mean the hard way? I ran the >>>>>>>> wizards in the to do list and it didn't fix the problem just >>>>>>>> like you recommended. SBS is basicly made for companys who >>>>>>>> don't >>>>>>>> really have a fulltime administrator and thats why there is so >>>>>>>> many wizards. You dont get all those wizards in enterprise >>>>>>>> edition and that makes a whole lot of difference when >>>>>>>> troubleshooting a problem as you need to know the program not >>>>>>>> just how to run a >>>>>>>> wizard. How do you know a wizard worked as they don't tell you >>>>>>>> where wizard makes changes so how can you troubleshoot a >>>>>>>> problem >>>>>>>> if you don't know where the exact changes are made.I would >>>>>>>> rather make the changes myself even though it might take a bit >>>>>>>> longer at lease you know what happened step by step if there >>>>>>>> is a problem down the track so you know where to fix the >>>>>>>> problem .And how can you undo wizards. You can't. You just >>>>>>>> rerun them. dodgy. >>>>>>>> Jack >>>>>>>> >>>>>>>> >>>>>>>> "SuperGumby [SBS MVP]" <not@your.nellie> wrote in message >>>>>>>> news:#YN6t43oEHA.3460@TK2MSFTNGP15.phx.gbl... >>>>>>>>> and I feel sorry for people who do things the hard way. >>>>>>>>> >>>>>>>>> "Jack" <jack2007a@hotmail.com> wrote in message >>>>>>>>> news:#j996I3oEHA.800@TK2MSFTNGP14.phx.gbl... >>>>>>>>>> Hi, when i said i am new to sbs 2k i mean't new to having all >>>>>>>>>> apps on the same box. I use windows Advanced server 2003 in >>>>>>>>>> an enterprise with a multiple domain structure with seperate >>>>>>>>>> boxes for ISA, Exchange etc. I am currently Studying my MCSE >>>>>>>>>> 2003 and as the books say.....Don't have isa and iss on the >>>>>>>>>> same box. MS recommend having the seperate scenario for >>>>>>>>>> security purposes >>>>>>>>>> even exchange should be seperate. Basicly SBS breaks their >>>>>>>>>> own rules. I have also noticed that alot of the services are >>>>>>>>>> not >>>>>>>>>> even being used on sbs, What a waste. I feel sorry for people >>>>>>>>>> who just use sbs as they don't get to see the full function >>>>>>>>>> of Forest wide domain structure and all the services that >>>>>>>>>> come >>>>>>>>>> with it. To answer your question i did use the to do list. >>>>>>>>>> The iis section in yhe list just runs a wizard which does >>>>>>>>>> exactly >>>>>>>>>> the >>>>>>>>>> same thing as i did in the command prompt (Disabled >>>>>>>>>> socketpooling) In sbs 2003 it is easy to do using httpcfg but >>>>>>>>>> not 2k. >>>>>>>>>> I just need to know how to disablesocketpooling for port 443 >>>>>>>>>> rather than just 80 without having to change the port which >>>>>>>>>> will work. Thanks >>>>>>>>>> Jack. >>>>>>>>>> "SuperGumby [SBS MVP]" <not@your.nellie> wrote in message >>>>>>>>>> news:u8thTa8nEHA.3968@TK2MSFTNGP11.phx.gbl... >>>>>>>>>>> It says nothing of the sort, there is an inference that >>>>>>>>>>> socket pooling has been disabled, if you stretch your >>>>>>>>>>> imagination a long way, all you really present is a single >>>>>>>>>>> line of netstat output. But hey, what's the big deal. >>>>>>>>>>> >>>>>>>>>>> More important than any measure you may have manually taken >>>>>>>>>>> I'm interested to find out whether you have completed (at >>>>>>>>>>> least) the to-do list items I refer to and hopefully the >>>>>>>>>>> full to-do list. I don't want to know if you have manually >>>>>>>>>>> performed the functions you believe are accomplished by the >>>>>>>>>>> to-do list items, I wanna >>>>>>>>>>> know if you have completed the to-do list. Main reason being >>>>>>>>>>> that someone who had completed the to-do list would not >>>>>>>>>>> normally experience the problem you are experiencing. >>>>>>>>>>> >>>>>>>>>>> Why do you wish to move the 'exchange virtual servers'? what >>>>>>>>>>> do you believe you will accomplish by doing this? As the >>>>>>>>>>> system is SBS no component of the SBS applications can be >>>>>>>>>>> moved to another box, but, for example, you could easily set >>>>>>>>>>> up an SMTP service >>>>>>>>>>> on another box, it would just need to be an SMTP service (or >>>>>>>>>>> virtual server) which IS NOT part of SBS Exchange. eg. GFI >>>>>>>>>>> ME can be set up as an SMTP filter on a front end which >>>>>>>>>>> feeds SBS exchange, I'm not suggesting this is recommended >>>>>>>>>>> let alone advised but it is a possibility. >>>>>>>>>>> >>>>>>>>>>> "Jack" <jack2007a@hotmail.com> wrote in message >>>>>>>>>>> news:ulJk936nEHA.536@TK2MSFTNGP11.phx.gbl... >>>>>>>>>>>> I disabled socketpooling If you read my first article >>>>>>>>>>>> properly >>>>>>>>>>>> it says that. I have done what i should but sbs2k is >>>>>>>>>>>> useless. >>>>>>>>>>>> I will move the web pages to another server and if i do >>>>>>>>>>>> that >>>>>>>>>>>> is it possible to move the exchange virtual servers to a >>>>>>>>>>>> member server on my network? >>>>>>>>>>>> cheers >>>>>>>>>>>> Jack. >>>>>>>>>>>> "SuperGumby [SBS MVP]" <not@your.nellie> wrote in message >>>>>>>>>>>> news:#20YGAsnEHA.2140@TK2MSFTNGP11.phx.gbl... >>>>>>>>>>>>> go through the to-do list. 'Configure IIS' (will disable >>>>>>>>>>>>> socket pooling and bind the IIS listeners to the internal >>>>>>>>>>>>> only) and 'Connect to the Internet'. >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> Mick Malloy >>>>>>>>>>>>> http://www.micropol.com.au >>>>>>>>>>>>> >>>>>>>>>>>>> "jack" <jack2007a@hotmail.com> wrote in message >>>>>>>>>>>>> news:edIEBwrnEHA.2388@TK2MSFTNGP10.phx.gbl... >>>>>>>>>>>>>> There is 2 nics and here is My ipconfig: >>>>>>>>>>>>>> Windows 2000 IP Configuration >>>>>>>>>>>>>> >>>>>>>>>>>>>> Host Name . . . . . . . . . . . . : server >>>>>>>>>>>>>> Primary DNS Suffix . . . . . . . : domain name >>>>>>>>>>>>>> Node Type . . . . . . . . . . . . : Hybrid >>>>>>>>>>>>>> >>>>>>>>>>>>>> IP Routing Enabled. . . . . . . . : Yes >>>>>>>>>>>>>> >>>>>>>>>>>>>> WINS Proxy Enabled. . . . . . . . : No >>>>>>>>>>>>>> >>>>>>>>>>>>>> DNS Suffix Search List. . . . . . : domain name >>>>>>>>>>>>>> >>>>>>>>>>>>>> Ethernet adapter local: >>>>>>>>>>>>>> >>>>>>>>>>>>>> Connection-specific DNS Suffix . : >>>>>>>>>>>>>> Description . . . . . . . . . . . : HP NC7760 Gigabit >>>>>>>>>>>>>> Server Adapter Physical Address. . . . . . . . . : mac >>>>>>>>>>>>>> address >>>>>>>>>>>>>> >>>>>>>>>>>>>> DHCP Enabled. . . . . . . . . . . : No >>>>>>>>>>>>>> >>>>>>>>>>>>>> IP Address. . . . . . . . . . . . : 10.0.0.2 >>>>>>>>>>>>>> >>>>>>>>>>>>>> Subnet Mask . . . . . . . . . . . : 255.255.255.0 >>>>>>>>>>>>>> >>>>>>>>>>>>>> Default Gateway . . . . . . . . . : >>>>>>>>>>>>>> >>>>>>>>>>>>>> DNS Servers . . . . . . . . . . . : 10.0.0.2 >>>>>>>>>>>>>> Primary WINS Server . . . . . . . : 10.0.0.2 >>>>>>>>>>>>>> >>>>>>>>>>>>>> Ethernet adapter external: >>>>>>>>>>>>>> >>>>>>>>>>>>>> Connection-specific DNS Suffix . : >>>>>>>>>>>>>> Description . . . . . . . . . . . : HP NC3123 Fast >>>>>>>>>>>>>> Ethernet NIC Physical Address. . . . . . . . . : mac >>>>>>>>>>>>>> address >>>>>>>>>>>>>> >>>>>>>>>>>>>> DHCP Enabled. . . . . . . . . . . : No >>>>>>>>>>>>>> >>>>>>>>>>>>>> IP Address. . . . . . . . . . . . : 192.168.4.9 >>>>>>>>>>>>>> >>>>>>>>>>>>>> Subnet Mask . . . . . . . . . . . : 255.255.255.0 >>>>>>>>>>>>>> >>>>>>>>>>>>>> Default Gateway . . . . . . . . . : 192.168.4.11 >>>>>>>>>>>>>> >>>>>>>>>>>>>> DNS Servers . . . . . . . . . . . : 10.0.0.2 >>>>>>>>>>>>>> >>>>>>>>>>>>>> "SuperGumby [SBS MVP]" <not@your.nellie> wrote in message >>>>>>>>>>>>>> news:erix$zqnEHA.3876@TK2MSFTNGP15.phx.gbl... >>>>>>>>>>>>>>> looks like a single NIC SBS? correct? >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> please give us the output of 'ipconfig /all > >>>>>>>>>>>>>>> c:\ipconfig.txt' from the server. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>> Mick Malloy >>>>>>>>>>>>>>> http://www.micropol.com.au >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> "Jack" <jack2007a@hotmail.com> wrote in message >>>>>>>>>>>>>>> news:OLR6ksqnEHA.1304@TK2MSFTNGP09.phx.gbl... >>>>>>>>>>>>>>>> I am new to sbs and i need some help with publishing 0n >>>>>>>>>>>>>>>> isa. I keep gettig the error below in the event viewer: >>>>>>>>>>>>>>>> Web Proxy service failed to bind its socket to >>>>>>>>>>>>>>>> 192.168.4.9 >>>>>>>> port >>>>>>>>>>> 443. >>>>>>>>>>>>>> This >>>>>>>>>>>>>>>> could be caused by another service that is already >>>>>>>>>>>>>>>> using the >>>>>>>>> same >>>>>>>>>>>> port >>>>>>>>>>>>>> or >>>>>>>>>>>>>>>> by >>>>>>>>>>>>>>>> a network interface card that is not functional. The >>>>>>>>>>>>>>>> error code specified in >>>>>>>>>>>>>>>> the Data area of the event properties indicates the >>>>>>>>>>>>>>>> cause of the failure. For more information about this >>>>>>>>>>>>>>>> event, >>>>>>>>>>>>>>>> see ISA Server Help. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> I looked on the web for help and did a netstat -an and >>>>>>>>>>>>>>>> this >>>>>>>> is >>>>>>>>>> what >>>>>>>>>>> i >>>>>>>>>>>>>> get: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> TCP 192.168.4.9:443 0.0.0.0:0 LISTENING. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> How do i stop this error. I found an article to disable >>>>>>>>>>>>>>>> socketpooling on >>>>>>>>>>>>>>>> the >>>>>>>>>>>>>>>> sbs if isa and iss are on the same box but it didn't >>>>>>>>>>>>>>>> seem to >>>>>>>> do >>>>>>>>>> any >>>>>>>>>>>>>> good. >>>>>>>>>>>>>>>> Any help would be much appreciated. >>>>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>>>> Jack.
- Previous message: David F: "POP3 trouble in Exchange with roaming profile"
- In reply to: Jack: "Re: ISA Event"
- Next in thread: Jack: "Re: ISA Event"
- Reply: Jack: "Re: ISA Event"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
