Re: ISA2004 SP2: EventID 14148

---

• From: "Rayne Wiselman [MSFT]" <raynew@xxxxxxxxxxxxxxxxxxxx>
• Date: Wed, 22 Mar 2006 11:57:21 +0200

---

You might be running into the issue described in this KB -
http://support.microsoft.com/kb/891992/en-us

--
Rayne Wiselman [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights


"Rotzooi" <rotzooi@xxxxxxxxxxxx> wrote in message
news:%23R4VXUGTGHA.5924@xxxxxxxxxxxxxxxxxxxxxxx

Hi,

I've used a webserver quite a long time using one NIC and a hardware
router, IIS 6.0 and host headers. My router broke down, I upgraded to SDSL
with a Cisco 828. I added a second NIC that has a public IP and connects
to the Cisco, e.g. NIC=218.188.188.188 and the GW/Cisco=218.188.188.187.
No firewall is active on the Cisco and all ports are passed through.

I created a rule so LAN users can access the internet through the ISA 2004
server/proxy. This works fine. However, if I create a web server
publishing rule, I'mnot able to access the websites from the internet.
A-records are correctly setup by the provider.

The firewall reports the following error when starting:
The Web Proxy filter failed to bind its socket to 218.188.188.188 port 80.
This may have been caused by another service that is already using the
same port or by a network adapter that is not functional. To resolve this
issue, restart the Microsoft Firewall service. The error code specified in
the data area of the event properties indicates the cause of the failure.

MS Knowledge Base says it has something to do wih ports that are bind by
another service. Most likely it is IIS. But why doesn't this work well. I
checked all settings and rules from reference SBS2003SP1 server and there
are no thing different for web server publishing (HTTP only) and IIS.



Jeroen

.

---

• References:
  • ISA2004 SP2: EventID 14148
    • From: Rotzooi

• Prev by Date: Re: Acces to HTTP over non standard ports
• Next by Date: Re: ISA2004 SP2: EventID 14148
• Previous by thread: ISA2004 SP2: EventID 14148
• Next by thread: Re: ISA2004 SP2: EventID 14148
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: security advice (possible hacker activity?) ... > trojan or worm is installed onto the web server. ... > itself through the firewall to an email user on a PC, ... > the IIS web server. ... IWAM runs any site with Access or SQL. ... (microsoft.public.inetserver.iis.security) Re: security advice (possible hacker activity?) ... > trojan or worm is installed onto the web server. ... > itself through the firewall to an email user on a PC, ... > the IIS web server. ... IWAM runs any site with Access or SQL. ... (microsoft.public.win2000.security) Re: security advice (possible hacker activity?) ... Well, it's entirely up to you, but usually blocking all ports both outbound ... trojan or worm is installed onto the web server. ... the IIS web server. ... (microsoft.public.inetserver.iis.security) Re: security advice (possible hacker activity?) ... Well, it's entirely up to you, but usually blocking all ports both outbound ... trojan or worm is installed onto the web server. ... the IIS web server. ... (microsoft.public.win2000.security) Re: How good is Win XP Pro Internet Connection Firewall ... ICF blocks all incoming connections. ... and run the IIS Lockdown Tool. ... By default Norton Firewall allow access to IIS. ... So it's best to close the ports when you're not using ... (comp.security.firewalls)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > ISA  > microsoft.public.isa.configuration  > 2006-03