RE: ISA 2004 SP1 - Microsoft Firewall service not starting

Hi:
Thanks for your update. I have received your mail.

Regarding the current situation, I would like to suggest you try the
following steps:

1. Delete the cache file:

Locate the Urlcache folder. In the Urlcache folder, locate the file that
has the .cdat file name extension. Right-click the .cdat file, and then
click Delete. When you are prompted to confirm the removal of the .cdat
file, click Yes. If you are prompted to delete the .cdat file because it is
too big for the recycle bin, click Yes.

Then open the ISA management console, right click Cache and select Disable
Caching and apply the settings.

More information:
How to delete the Web cache in Internet Security and Acceleration Server
2004
http://support.microsoft.com/default.aspx?scid=kb;en-us;838248

2. Disable the logging:

Open the ISA management console, navigate to Monitoring, and click the
Logging tab. Click "Configure Firewall Logging". On the Firewall Logging
Properties page, uncheck the "Enable logging for this service" option, and
then perform the same configuration for the "Web Proxy Logging" and "SMTP
Message Screener Logging". Then click the Apply button to save the changes.

3. Disable the RRAS service:

Open the RRAS management console, right click the server name and click
Disable Routing and Remote Access.

Then will you be able to manually start the firewall service in the ISA
management console?

If the problem persists, please strictly following the document to re-run
the CEICW Wizard:

825763 How to configure Internet access in Windows Small Business Server
2003
http://support.microsoft.com/?id=825763

Hope the above information helps.

Have a nice day!

Best Regards
Edward Tian(MSFT)
Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| Thread-Topic: ISA 2004 SP1 - Microsoft Firewall service not starting
| thread-index: AcXlmMjOXK8pIcbHTbqMfl4lovDHBg==
| X-WBNR-Posting-Host: 24.27.147.186
| From: =?Utf-8?B?Q29yeSBU?= <CoryT@xxxxxxxxxxxxxxxxxxxxxxxxx>
| References: <4BA8DB7B-0833-4282-9773-33C9EF264AF5@xxxxxxxxxxxxx>
<#YoZclC5FHA.3936@xxxxxxxxxxxxxxxxxxxxx>
<D7D333B9-58A2-49BF-8258-9DBDE44E464F@xxxxxxxxxxxxx>
<2230DC4B-CB23-4250-B82B-D0AF29D75509@xxxxxxxxxxxxx>
<8Ofoz9M5FHA.3408@xxxxxxxxxxxxxxxxxxxxx>
| Subject: RE: ISA 2004 SP1 - Microsoft Firewall service not starting
| Date: Wed, 9 Nov 2005 17:48:01 -0800
| Lines: 304
| Message-ID: <FC2461E6-EB21-4C0B-8007-5A1C84451A1D@xxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:220685
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| I sent the files you requested. Please let me know if you need anything
else.
|
| "Edward Tian" wrote:
|
| > Hi:
| > Thanks for the update.
| >
| > Now I understand that your ISA Server only has one NIC and no web
| > publishing rule was created.
| >
| > To get a better understanding on the configuration of the ISA, please
help
| > to gather the ISA info:
| >
| > 1. Please help to gather the ISA Info:
| >
| > 1) Download the file from the following URL:
| >
| > http://www.isatools.org/isainfo/ISAInfo.zip
| >
| > 2) Extract all files to a folder on ISA server.
| > 3) Double click Isainfo.js. This will generate 2 files
| > ISAInfo2004-<computer-name>.log and ISAInfo2004-<computer-name>.xml in
the
| > current folder.
| > 4) Please send these files to me at v-edtian@xxxxxxxxxxxxx
| >
| > Please also perform the following steps to collect the corresponding
event
| > logs:
| > Step 1: Click Start, click Run, and then type "eventvwr" (without the
| > quotation marks), click OK.
| >
| > Step 2: Right-click Application and select Save Log File As.
| >
| > Step 3: Save it Application.evt.
| >
| > Step 4: Repeat step 1 to 3 to save the Security and System event to
| > Security.evt and System.evt.
| >
| > Step 5: Delete all the Application, Security and System log in the
Event
| > Viewer.
| >
| > Step 6: Restart the computer. Please reproduce the issue, and then save
the
| > new Application, Security and System log to three new files and send
them
| > to me.
| >
| > In addition, since the ISA only has one NIC, could you tell me in which
| > mode you installed the ISA Server 2004?
| >
| > Meanwhile, I suggest that we re-run the CEICW Wizard, the wizard will
help
| > us automatically configure the internet settings. You can refer to this
| > step-by-step document to complete the wizard:
| >
| > 825763 How to configure Internet access in Windows Small Business
Server
| > 2003
| > http://support.microsoft.com/?id=825763
| >
| > Thanks for your time and patience. Please feel free to let me know if
| > anything is unclear.
| >
| > Have a nice day!
| >
| > Best Regards
| > Edward Tian(MSFT)
| > Microsoft CSS Online Newsgroup Support
| >
| > Get Secure! - www.microsoft.com/security
| > ======================================================
| > This newsgroup only focuses on SBS technical issues. If you have issues
| > regarding other Microsoft products, you'd better post in the
corresponding
| > newsgroups so that they can be resolved in an efficient and timely
manner.
| > You can locate the newsgroup here:
| > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| >
| > When opening a new thread via the web interface, we recommend you check
the
| > "Notify me of replies" box to receive e-mail notifications when there
are
| > any updates in your thread. When responding to posts via your
newsreader,
| > please "Reply to Group" so that others may learn and benefit from your
| > issue.
| >
| > Microsoft engineers can only focus on one issue per thread. Although we
| > provide other information for your reference, we recommend you post
| > different incidents in different threads to keep the thread clean. In
doing
| > so, it will ensure your issues are resolved in a timely manner.
| >
| > For urgent issues, you may want to contact Microsoft CSS directly.
Please
| > check http://support.microsoft.com for regional support phone numbers.
| >
| > Any input or comments in this thread are highly appreciated.
| > ======================================================
| > This posting is provided "AS IS" with no warranties, and confers no
rights.
| >
| > --------------------
| > | Thread-Topic: ISA 2004 SP1 - Microsoft Firewall service not starting
| > | thread-index: AcXkn53eIUs8waLVT46gtXFO4113/g==
| > | X-WBNR-Posting-Host: 216.170.52.66
| > | From: =?Utf-8?B?Q29yeSBU?= <CoryT@xxxxxxxxxxxxxxxxxxxxxxxxx>
| > | References: <4BA8DB7B-0833-4282-9773-33C9EF264AF5@xxxxxxxxxxxxx>
| > <#YoZclC5FHA.3936@xxxxxxxxxxxxxxxxxxxxx>
| > <D7D333B9-58A2-49BF-8258-9DBDE44E464F@xxxxxxxxxxxxx>
| > | Subject: RE: ISA 2004 SP1 - Microsoft Firewall service not starting
| > | Date: Tue, 8 Nov 2005 12:04:24 -0800
| > | Lines: 183
| > | Message-ID: <2230DC4B-CB23-4250-B82B-D0AF29D75509@xxxxxxxxxxxxx>
| > | MIME-Version: 1.0
| > | Content-Type: text/plain;
| > | charset="Utf-8"
| > | Content-Transfer-Encoding: 7bit
| > | X-Newsreader: Microsoft CDO for Windows 2000
| > | Content-Class: urn:content-classes:message
| > | Importance: normal
| > | Priority: normal
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| > | Newsgroups: microsoft.public.windows.server.sbs
| > | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| > | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
| > | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:168703
| > | X-Tomcat-NG: microsoft.public.windows.server.sbs
| > |
| > | I take it back. There were not any Web Publishing Rules listed.
Only
| > | Firewall Policy rules. How can Link Translation be the problem if
there
| > | aren't any Web Publishing Rules?
| > |
| > | 1. Did the problem ever occur before you reinstalled the ISA Server
2004?
| > | No
| > | 2. How many NIC is installed on the SBS Server?
| > | One
| > | 3. Once you received these event errors, can you manually restart the
| > | firewall service? If you can manually restart the firewall service,
will
| > | everything work fine afterwards?
| > | No, the firewall service will not start even manually
| > | 4. Have you installed any third-party antivirus software on the SBS
| > Server?
| > | If so, please try temporarily disabling it and see if the problem can
be
| > | resolved.
| > | Yes, it did not resolve the problem.
| > |
| > | "Cory T" wrote:
| > |
| > | > I did see a KB article describing what you are talking about
however I
| > did
| > | > not see a Link Translation tab when editing the rules. Is there a
way
| > to
| > | > make this tab appear?
| > | >
| > | > This is the first I've used ISA and am not very familiar with it's
| > inner
| > | > working yet.
| > | >
| > | > "Edward Tian" wrote:
| > | >
| > | > > Hi:
| > | > > Thanks for posting here.
| > | > >
| > | > > From the description, I understand that after you reinstalled the
ISA
| > | > > Server 2004, you kept on receiving Event error 14001 and 7024 and
the
| > | > > Microsoft Firewall service would not start. If I am off base,
please
| > do let
| > | > > me know.
| > | > >
| > | > > Based on my experience, the following factors may cause this
problem:
| > | > >
| > | > > 1. This issue may occur if a Web publishing rule is corrupted in
the
| > | > > Microsoft Internet Security and Acceleration (ISA) Server 2004
| > firewall
| > | > > policy.
| > | > >
| > | > > To resolve this kind of issue, determine the Web publishing rule
that
| > is
| > | > > corrupted, and then remove the corrupted rule or reconfigure the
link
| > | > > translation dictionary for that rule. To do this, follow these
steps:
| > | > >
| > | > > 1) To help determine the Web publishing rule that is corrupted,
| > disable
| > | > > link translation on each Web publishing rule, and then try to
start
| > the
| > | > > Microsoft Firewall service. To do this, follow these steps:
| > | > >
| > | > > a. Start the ISA Server Management tool.
| > | > >
| > | > > b. Expand ServerName , where ServerName is the name of your ISA
| > Server
| > | > > computer.
| > | > >
| > | > > c. Click Firewall Policy, click a Web publishing rule, and then
click
| > Edit
| > | > > Selected Rule.
| > | > >
| > | > > d. Click the Link Translation tab, click to clear the Replace
| > absolute
| > | > > links in Web pages check box, and then click OK.
| > | > >
| > | > > e. Click Apply to update the firewall policy, and then click OK.
| > | > >
| > | > > f. Try to start the Microsoft Firewall service. If the service
starts
| > | > > successfully, this rule may be corrupted.
| > | > >
| > | > > 2) If the Microsoft Firewall service does not start successfully,
| > reenable
| > | > > link translation for the previous rule, and then disable it on
the
| > next
| > | > > rule.
| > | > >
| > | > > 3) When you have identified the corrupted rule, remove that rule,
or
| > edit
| > | > > the link translation dictionary entries for that rule.
| > | > >
| > | > > Note: When you create a new Web publishing rule, and when you
click
| > to
| > | > > select the Replace absolute links in Web pages check box on the
Link
| > | > > Translation tab of that rule, a new link translation dictionary
is
| > | > > automatically created for that rule.
| > | > >
| > | > > 2. The problem may also occur when you are using a third-party
| > | > > Cryptographic Service Provider (CSP). If this is the case, please
| > refer to
| > | > > this KB article for resolution:
| > | > >
| > | > > The Firewall service may not start in Internet Security and
| > Acceleration
| > | > > (ISA) Server 2004 after you select a certificate for a SSL
listener
| > | > > http://support.microsoft.com/default.aspx?scid=KB;EN-US;896495
| > | > >
| > | > > If the problem persists, please help to gather the following
| > information in
| > | > > order to narrow down the problem:
| > | > > 1. Did the problem ever occur before you reinstalled the ISA
Server
| > 2004?
| > | > >
| > | > > 2. How many NIC is installed on the SBS Server?
| > | > >
| > | > > 3. Once you received these event errors, can you manually restart
the
| > | > > firewall service? If you can manually restart the firewall
service,
| > will
| > | > > everything work fine afterwards?
| > | > >
| > | > > 4. Have you installed any third-party antivirus software on the
SBS
| > Server?
| > | > > If so, please try temporarily disabling it and see if the problem
can
| > be
| > | > > resolved.
| > | > >
| > | > > Hope the above information helps, please feel free to let me know
if
| > there
| > | > > is anything I can do for you.
| > | > >
| > | > > Have a nice day! :)
| > | > >
| > | > > Best Regards
| > | > > Edward Tian(MSFT)
| > | > > Microsoft CSS Online Newsgroup Support
| > | > >
| > | > > Get Secure! - www.microsoft.com/security
| > | > > ======================================================
| > | > > This newsgroup only focuses on SBS technical issues. If you have
| > issues
| > | > > regarding other Microsoft products, you'd better post in the
| > corresponding
| > | > > newsgroups so that they can be resolved in an efficient and
timely
| > manner.
| > | > > You can locate the newsgroup here:
| > | > > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| > | > >
| > | > > When opening a new thread via the web interface, we recommend you
| > check the
| > | > > "Notify me of replies" box to receive e-mail notifications when
there
| > are
| > | > > any updates in your thread. When responding to posts via your
| > newsreader,
| > | > > please "Reply to Group" so that others may learn and benefit from
| > your
| > | > > issue.
| > | > >
| > | > > Microsoft engineers can only focus on one issue per thread.
Although
| > we
| > | > > provide other information for your reference, we recommend you
post
| > | > > different incidents in different threads to keep the thread
clean. In
| > doing
| > | > > so, it will ensure your issues are resolved in a timely manner.
| > | > >
| > | > > For urgent issues, you may want to contact Microsoft CSS
directly.
| > Please
| > | > > check http://support.microsoft.com for regional support phone
numbers.
| > | > >
| > | > > Any input or comments in this thread are highly appreciated.
| > | > > ======================================================
| > | > > This posting is provided "AS IS" with no warranties, and confers
no
| > rights.
| > | > >
| > | > > --------------------
| > | > > | Thread-Topic: ISA 2004 SP1 - Microsoft Firewall service not
starting
| > | > > | thread-index: AcXj0zXEZ1/7TipCR0ShVohGhaoE5g==
| > | > > | X-WBNR-Posting-Host: 216.170.52.66
| > | > > | From: =?Utf-8?B?Q29yeSBU?= <Cory T@xxxxxxxxxxxxxxxxxxxxxxxxx>
| > | > > | Subject: ISA 2004 SP1 - Microsoft Firewall service not starting
| > | > > | Date: Mon, 7 Nov 2005 11:41:12 -0800
| > | > > | Lines: 13
| > | > > | Message-ID: <4BA8DB7B-0833-4282-9773-33C9EF264AF5@xxxxxxxxxxxxx>
| > | > > | MIME-Version: 1.0
| > | > > | Content-Type: text/plain;
| > | > > | charset="Utf-8"
| > | > > | Content-Transfer-Encoding: 7bit
| > | > > | X-Newsreader: Microsoft CDO for Windows 2000
| > | > > | Content-Class: urn:content-classes:message
| > | > > | Importance: normal
| > | > > | Priority: normal
|

.