Re: REPOST - Rules failing in ISA
From: Jim Harrison \(MSFT\) (jmharr_at_online.microsoft.com)
Date: Fri, 11 Mar 2005 16:57:57 -0800
You don't say what patch level your ISA is at.
A similar problem was addressed in patches included in SP2.
-- -- Jim Harrison [ISA SE] Read the help, books and articles! This posting is provided "AS IS" with no warranties, and confers no rights. "Jamie Turner" <email@example.com> wrote in message news:e4v3xwXJFHA.2576@TK2MSFTNGP15.phx.gbl... Apologies for the repost but this is a real problem for us - if anyone from MS is watching some help would be greatly appreciated! JT. We have a website which is hosted on 2 2003 web servers, load balanced with a multicast NLB cluster (class c affinity). This is published to the world through 2 ISA rules - one for HTTP and one for HTTPS. We don't use web publishing because it's important for the web servers to see the user's IP address - instead we have 2 server publishing rules to achieve this. We're using ISA 2000 (non caching) on W2K. Several times a day, external clients get connection refused errors in their browsers. If you telnet on port 80 to the servers externally, you also get connection refused. From the clean side of the firewall, you can browse and telnet to the the NLB cluster and each host servers fine - I don't think it's anything to do with IIS or NLB. What's weird is that while the site appears stalled for about 5-10 seconds, you can connect externally on HTTPS/443 without a problem. It seems to be specific to the rule. There are no items in the event log or ISA logs that indicate a problem. I can't see any weird network errors, IIS or NLB problems - it looks like ISA is losing the server publishing rule. Can anyone help? This is causing us real problems. Thanks in advance. JT.