Re: ISA Server Having Issues.
From: Terry (tvstory_at_mainstream-mktg.com)
Date: 06/23/04
- Next message: Lefteris Vladimiros \(MCT\): "Re: Caching of Macromedia Flash Content"
- Previous message: Jim Harrison [MSFT]: "Re: New Thread for Tony Su"
- In reply to: Jim Harrison [MSFT]: "Re: ISA Server Having Issues."
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 23 Jun 2004 14:23:42 -0700
Thanks for everything guys; even the hazing. Looks like
there was a virus on a Laptop that recently joined our
domain. Looks like I forgot to install the virus client
on it *blush*. Once I disconnected it from the network,
traffic didnt have anymore problems. The ISA logs did
point to the problem computer. I will definately heed
your advice and get ontop of my ISA log duties. Thanks!!!!
Terry
>-----Original Message-----
>Add the "logallinterfaces" registry change listed in this
KB:
>http://support.microsoft.com/?id=283213
>
>It'll tell you what clients are beating your server to
death by logging traffic at the Internal interface.
>--
> Jim Harrison [ISASE]
> Read the help, books and articles!
>
> This posting is provided "AS IS" with no warranties, and
confers no rights.
>
>
>"Terry" <tvstory@mainstream-mktg.com> wrote in message
news:209b901c45953$27c906a0$a401280a@phx.gbl...
>Okay. My goal for the next 30 days is to learn how to
>read ISA logs and start reviewing them. Scouts honor. We
>do have Norton Antivirus Corporate edition running on our
>domain and it is kept up to date. I really need to get
>this problem resolved so people can access email without
>restarting ISA server every other minute.
>
>
>>-----Original Message-----
>>You don't regularly review your ISA logs?
>>shame, shame... ;-)
>>
>>Do you have any form of anti-virus running on your
>internal clients or ISA?
>>If not, you have a big job ahead of you.
>>--
>> Jim Harrison [ISASE]
>> Read the help, books and articles!
>>
>> This posting is provided "AS IS" with no warranties, and
>confers no rights.
>>
>>
>>"Terry" <tvstory@mainstream-mktg.com> wrote in message
>news:2086701c45949$e08e3fc0$a501280a@phx.gbl...
>>I didn't even think of the ISA logs. Go figure. What
>>excactly am I looking for? The IPPEX log does show
mostly
>>BLOCKED lines. The FWS logs show a lot of entries, a lot
>>of winupdate.exe for some reason. The Webex docs are too
>>big to open. All my Webext docs are generally over 1GB
>>for some reason; always have been.
>>
>>If there is an infected LAT host, what steps would need
to
>>be taken? Thanks!!
>>
>>>-----Original Message-----
>>>Review your ISA logs for lots of denied traffic.
>>>This behavior is often the result of an infected LAT
>host.
>>>
>>>--
>>> Jim Harrison [ISASE]
>>> Read the help, books and articles!
>>>
>>> This posting is provided "AS IS" with no warranties,
and
>>confers no rights.
>>>
>>>
>>>"Terry" <tvstory@mainstream-mktg.com> wrote in message
>>news:2026f01c45944$0449cc50$a601280a@phx.gbl...
>>>Hello,
>>>
>>>Our business runs on SBS2000 and utilizes the ISA
Server.
>>>For some reason, it started being flaky. The first
>>>symptom is that the Firewall Client says "ISA Server1 is
>>>inaccessible. The second symptom is that Outlook and
>>>streaming audio stop working. File sharing with the
>>>server works as does the WWW. We also use the proxy
>>>server. No errors are reported in the event viewer.
>>>
>>>Restarting the Microsoft ISA Server Control, Web Proxy,
>>>and Firewall services fixes the problem but only for
>about
>>>a minute (occationally longer but not lately). I
>>>completely rebooted the server last night but the
>problems
>>>were back by 9am this morning.
>>>
>>>The lack of error logs leaves me with my hands up in the
>>>air. Does anyone have suggestions? Thanks!!!
>>>
>>>
>>>.
>>>
>>
>>
>>.
>>
>
>
>.
>
- Next message: Lefteris Vladimiros \(MCT\): "Re: Caching of Macromedia Flash Content"
- Previous message: Jim Harrison [MSFT]: "Re: New Thread for Tony Su"
- In reply to: Jim Harrison [MSFT]: "Re: ISA Server Having Issues."
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
