Server 2003 SP1 Firewall bug?
- From: CharlieG_MSU <CharlieG_MSU@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 15 Apr 2005 10:44:01 -0700
I ran into the following issue when applying Server 2003 Service Pack 1 to
two of our web servers:
Our network configuration consists of network A connected to a firewall
connected to network B which is connected to the internet. Network A is the
"internal" network for our department and Network B is the campus-wide
network.
Both the web servers have two network cards, one NIC is connected to network
A and one NIC is connected to network B. All web traffic goes through the
network B NIC. The network A connection is only for SNMP control of some
devices on the A network.
Before SP1: I had the ICF turned on for both network cards, and allowed port
80 through for the network B NIC. There were no incoming connections allowed
through the network A NIC. A computer on Network A was able to access the web
server just fine by going to the IP on the Network B NIC.
After SP1: A computer on Network A will not connect to the Network B NIC of
the web server (what used to work fine before) IF the firewall is enabled for
the Network A NIC. I do not see why the network A NIC or firewall should be
involved in the transaction at all. The Network B NIC does not have the
firewall enabled.
A check of the firewall log shows a
DROP TCP x.x.NET.B x.x.NET.A 80 4779 48 SA 2707667470 1137765220 16384 - - - SEND
entry. I do not understand why the firewall would be blocking what appears
to be an outbound connection from the NET B NIC on the web server back to the
computer sitting on NET A? Disabling the NET A NIC on the web server fixes
the problem, so it does not seem like any traffic is actually traveling
through the NET A NIC, but the firewall on the NET A NIC is blocking traffic
traveling through the NET B NIC.
This all worked before the application of Service Pack 1. I am at a loss for
what could be causing this as far as a misconfiguration is concerned.
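
The following is an added example, not part of the original post: a small parser for Windows Firewall log entries that decodes the quoted line field by field and picks out dropped outbound SYN-ACKs (source port 80, flags SA, path SEND). It assumes the standard log column order from the log's #Fields header; the dates, times and IP addresses are constructed placeholders, since the post omits or redacts them.

```python
# Added example: decode Windows Firewall log (pfirewall.log) entries and flag
# dropped outbound SYN-ACKs such as the one quoted in the post.
# Assumption: columns follow the log's own "#Fields:" header, in this order.
FIELDS = ("date time action protocol src_ip dst_ip src_port dst_port size "
          "tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path").split()

FLAG_NAMES = {"S": "SYN", "A": "ACK", "F": "FIN", "R": "RST", "P": "PSH", "U": "URG"}

# Constructed sample: addresses, dates and times are placeholders; the second
# entry carries the ports, flags and counters quoted in the post.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2005-04-15 10:30:01 DROP UDP 192.0.2.77 192.0.2.255 137 137 78 - - - - - - - RECEIVE
2005-04-15 10:30:05 DROP TCP 198.51.100.10 192.0.2.25 80 4779 48 SA 2707667470 1137765220 16384 - - - SEND
2005-04-15 10:30:09 DROP TCP 192.0.2.77 192.0.2.10 3051 445 48 S 1137769999 0 65535 - - - RECEIVE
"""

def parse_log(text):
    """Yield one dict per log entry, skipping '#' header lines and malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if not parts or line.startswith("#") or len(parts) != len(FIELDS):
            continue
        entry = dict(zip(FIELDS, parts))
        flags = entry["tcpflags"]
        entry["flag_names"] = [] if flags == "-" else [FLAG_NAMES.get(c, c) for c in flags]
        yield entry

def dropped_replies(entries):
    """Return DROP entries on the SEND path whose TCP flags are exactly SYN+ACK.

    A SYN-ACK is the second step of the TCP handshake, so each hit is this
    host's answer to an inbound connection being discarded on the way out.
    """
    return [e for e in entries
            if e["action"] == "DROP" and e["protocol"] == "TCP"
            and e["path"] == "SEND" and set(e["flag_names"]) == {"SYN", "ACK"}]

if __name__ == "__main__":
    for e in dropped_replies(parse_log(SAMPLE_LOG)):
        print(f"{e['date']} {e['time']} reply from {e['src_ip']}:{e['src_port']} "
              f"to {e['dst_ip']}:{e['dst_port']} dropped ({'+'.join(e['flag_names'])})")
```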