Re: ISA 2004 on Slipstream SBS 2003

---

• From: "Les Connor [SBS Community Member - SBS MVP]" <les.connor@xxxxxxxxxxxx>
• Date: Tue, 6 Dec 2005 22:22:41 -0600

---

Hi Henry,

Are you using the sbs cert? Will ceicw allow you to re-create it, and then
does ciecw complete?

ISA 2k4 does have an additional layer involving ssl, that ISA 2k never had.
I knew I should have taken notes ;-(). Actually I think I did take notes,
but now I can't find them.

--
Les Connor [SBS Community Member - SBS MVP]
-----------------------------------------------------------
SBS Rocks !
----------------------
"Tell me and I'll forget. Show me and I'll remember. Involve me and I'll
understand." - Confucius


"Henry Craven" <I_User@xxxxxxxxxxxxxxx> wrote in message
news:esyY07r%23FHA.1032@xxxxxxxxxxxxxxxxxxxxxxx
> Had a Nice little SBS 2003 running smoothly ....until we installed the ISA
> Server.
>
> ISA seemed to install fine including the MSDE update/SP
>
> CEICW fails, and so does the RRAS Wiz.
> Certificates are invalid (RWW- Error Code: 500 Internal Server Error. The
> certificate chain was issued by an authority that is not
> trusted. -2146893019)
> and VPN is blocked.
>
> ----
> 07/12/2005 10:17 AM
> Firewall Rule: SBS DHCP Client
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS HTTP 80 Out CustomFilter
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS FTP 20 In CustomFilter
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS FTP 20 Out CustomFilter
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS POP3 110 Out CustomFilter
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS NTP 123 Out CustomFilter
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS DnsLookupPredefinedType
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS IcmpPingQueryPredefinedType
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS IdentdPredefinedType
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS TS 3389 In CustomFilter
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS TS 3389 Out CustomFilter
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS PptpReceivePredefinedType
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS PptpCallPredefinedType
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS FTP 21 In CustomFilter
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS FTP 21 Out CustomFilter
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS SMTP 25 Out CustomFilter
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS SmtpPredefinedType
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS NNTP 119 Out CustomFilter
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS Remote Web Workplace CustomFilter
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: SBS NTP 123 Out CustomFilter
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business RPC over HTTP Publishing Rule
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business Business Card Publishing Rule
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business CompanyWeb Publishing Rule
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business TSWEB Publishing Rule
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business RUP Publishing Rule
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business Monitoring Publishing Rule
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business OMA Publishing Rule
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business OWA Web Publishing Rule
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business Web Publishing Rule
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business Server All Users Protocol Rule
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business Internet Access Protocol Rule
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business Internet Access Protocol Rule 2
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business Server Internet Access Site and Content Rule
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business Server Internet Access Site and Content Rule
> 2
> Cannot find the firewall rule, ignoring the error
> Firewall Rule: Small Business Server All Users Site and Content Rule
> Cannot find the firewall rule, ignoring the error
> Call to Removing ISA2k related firewall rules () returned ok.
> Custom protocol name: SBS FTP 20 In CustomFilter
> Cannot find the custom protocol, ignoring the error
> Custom protocol name: SBS FTP 20 Out CustomFilter
> Cannot find the custom protocol, ignoring the error
> Custom protocol name: SBS NTP 123 Out CustomFilter
> Cannot find the custom protocol, ignoring the error
> Custom protocol name: SBS Remote Web Workplace CustomFilter
> Cannot find the custom protocol, ignoring the error
> Call to Removing ISA2k related custom protocols () returned ok.
> Call to Removing inbound access rule allowing anybody in () returned ok.
> Call to Removing inbound access rule allowing anybody out () returned ok.
> CStingrayCommit::CommitPortMappings
> CStringray::RemoveAllSpecialRules
> Call to Resetting the rule enumeration () returned ok.
> Call to MoveToNextSpecialRule () returned ok.
> Call to Getting the special rule info () returned ok.
> Removing the access rule SBS RWW Inbound Access Rule
> Call to Removing the access rule () returned ok.
> Call to MoveToNextSpecialRule () returned ok.
> Call to Getting the special rule info () returned ok.
> Removing the access rule SBS FTP Outbound Access Rule
> Call to Removing the access rule () returned ok.
> Call to MoveToNextSpecialRule () returned ok.
> Call to Getting the special rule info () returned ok.
> Removing the access rule SBS RDP Outbound Access Rule
> Call to Removing the access rule () returned ok.
> Call to MoveToNextSpecialRule () returned ok.
> Call to Getting the special rule info () returned ok.
> Removing the access rule SBS Smtp Server Access Rule
> Call to Removing the access rule () returned ok.
> Call to MoveToNextSpecialRule () returned ok.
> Call to Getting the special rule info () returned ok.
> Removing the access rule SBS POP3 Outbound Access Rule
> Call to Removing the access rule () returned ok.
> Call to MoveToNextSpecialRule () returned ok.
> Call to Getting the special rule info () returned ok.
> Removing the access rule SBS Localhost Dhcp Access Rule
> Call to Removing the access rule () returned ok.
> Call to MoveToNextSpecialRule () returned ok.
> Call to Getting the special rule info () returned ok.
> Removing the access rule POP3 Inbound Access
> Call to Removing the access rule () returned ok.
> Call to MoveToNextSpecialRule () returned ok.
> Call to CStringray::RemoveAllSpecialRules () returned ok.
> Call to Removing all special firewall rules () returned ok.
> CStingrayCommit::CreateStandardPortMappings
> Call to Enabling the DHCP system policy () returned ok.
> Call to Enabling the CRL download system policy () returned ok.
> Call to Creating the DHCP access rule () returned ok.
> Call to Disabling ICMP () returned ok.
> Call to CStingrayCommit::CreateStandardPortMappings () returned ok.
> Call to Creating the standard filters () returned ok.
> CStingrayCommit::CreatePortMappingsFromXML
> Call to Resetting the port mapping list () returned ok.
> Call to Getting the number of port mappings () returned ok.
> Number of port mappings 5
> Call to Getting the next port mapping () returned ok.
> Call to Reading Port () returned ok.
> Call to Reading Protocol () returned ok.
> Call to Reading Direction () returned ok.
> Call to Validating TCP direction () returned ok.
> Call to Reading Enable () returned ok.
> Call to Getting the name for the predefined port mapping () returned ok.
> Call to Creating tcp port mapping protocol () returned ok.
> Call to Creating the outbound SMTP access rule () returned ok.
> Call to Creating the outbound POP3 access rule () returned ok.
> Call to Creating the outbound NNTP access rule () returned ok.
> Call to Handling predefined port mapping () returned ok.
> Creating access rule SBS Smtp Server Access Rule TCP 25 returned 0
> Call to Getting the next port mapping () returned ok.
> Call to Reading Port () returned ok.
> Call to Reading Protocol () returned ok.
> Call to Reading Direction () returned ok.
> Call to Validating TCP direction () returned ok.
> Call to Reading Enable () returned ok.
> Skipping the port mapping for Port 1723
> Call to Creating the outbound PPTP access rule () returned ok.
> Call to Handling predefined port mapping () returned ok.
> Call to Creating outbound PPTP access rule () returned ok.
> Call to Getting the next port mapping () returned ok.
> Call to Reading Port () returned ok.
> Call to Reading Protocol () returned ok.
> Call to Reading Direction () returned ok.
> Call to Validating TCP direction () returned ok.
> Call to Reading Enable () returned ok.
> Call to Getting the name for the predefined port mapping () returned ok.
> Call to Creating tcp port mapping protocol () returned ok.
> Call to Creating the outbound RDP access rule () returned ok.
> Call to Handling predefined port mapping () returned ok.
> Creating access rule SBS RDP Server Access Rule TCP 3389 returned 0
> Call to Getting the next port mapping () returned ok.
> Call to Reading Port () returned ok.
> Call to Reading Protocol () returned ok.
> Call to Reading Direction () returned ok.
> Call to Validating TCP direction () returned ok.
> Call to Reading Enable () returned ok.
> Call to Getting the name for the predefined port mapping () returned ok.
> Call to Creating tcp port mapping protocol () returned ok.
> Call to Creating the outbound FTP access rule () returned ok.
> Call to Handling predefined port mapping () returned ok.
> Creating access rule SBS FTP Server Access Rule TCP 21 returned 0
> Call to Getting the next port mapping () returned ok.
> Call to Reading Port () returned ok.
> Call to Reading Protocol () returned ok.
> Call to Reading Direction () returned ok.
> Call to Validating TCP direction () returned ok.
> Call to Reading Enable () returned ok.
> Skipping the port mapping for Port 80
> Call to CStingrayCommit::CreatePortMappingsFromXML () returned ok.
> Call to Creating predefined port mappings () returned ok.
> CStingrayCommit::CreatePortMappingsFromXML
> Call to Resetting the port mapping list () returned ok.
> Call to Getting the number of port mappings () returned ok.
> Number of port mappings 1
> Call to Getting the next port mapping () returned ok.
> Call to Reading Port () returned ok.
> Call to Reading Protocol () returned ok.
> Call to Reading Direction () returned ok.
> Call to Validating TCP direction () returned ok.
> Call to Reading Enable () returned ok.
> Call to Getting the name for the predefined port mapping for RWW ()
> returned ok.
> Call to Creating tcp port mapping protocol () returned ok.
> Creating access rule SBS RWW Inbound Access Rule TCP 4125 returned 0
> Call to CStingrayCommit::CreatePortMappingsFromXML () returned ok.
> Call to Creating custom port mappings () returned ok.
> Call to CStingrayCommit::CommitPortMappings () returned ok.
> Call to Creating port mappings () returned ok.
> CStingrayCommit::CommitWebPublishingRules
> Call to Removing all sbs web publishing rules () returned ok.
> RUP is published
> Call to Fixing the inheritance for default web site () returned ok.
> Call to Unpublishing the default web site () returned ok.
> Call to Fixing the inheritance for companyweb dir () returned ok.
> Call to Unpublishing companyweb () returned ok.
> Call to Publishing /Exchange () returned ok.
> Call to Publishing /ExchWeb () returned ok.
> Call to Publishing /Public () returned ok.
> Call to Publishing /ExAdmin () returned ok.
> Call to Publishing RUP () returned ok.
> Call to Publishing client help for RUP () returned ok.
> Call to Publishing Monitoring () returned ok.
> Call to Publishing OMA () returned ok.
> Call to Publishing ActiveSync () returned ok.
> Call to Publishing RPC over HTTP () returned ok.
> Call to Configuring RPC over HTTP () returned ok.
> Call to Publishing Companyweb () returned ok.
> CStingrayCommit::CreateWebPublishingRules
> Call to Reading publishing server name () returned ok.
> Call to Creating A record for publishing () returned ok.
> Call to Checking the existence of the SBS listener () returned ok.
> CStringrayCommit::GetSBSCertHash
> Call to Getting the web listener SSL port () returned ok.
> SSL Port: 443
> Call to Getting the listener cert hash () returned ok.
> Call to CStringrayCommit::GetSBSCertHash () returned ok.
> Call to Reading the cert hash out of the listener () returned ok.
> Call to Reading the Internet Server Name () returned ok.
> Internet Server Name: <xxx.xxx.xxx.xxx>
> Call to Recreating the SBS web listener () returned ok.
> Call to Publishing OWA () returned ok.
> Call to Publishing RUP () returned ok.
> Call to Publishing Monitoring () returned ok.
> Call to Publishing OMA () returned ok.
> Call to Publishing RPC () returned ok.
> Call to CStingrayCommit::CreateWebPublishingRules () returned ok.
> Call to Creating ISA2k4 Web publishing rules () returned ok.
> Call to Notify RUP for OWA () returned ok.
> Call to Notify RUP for Monitoring () returned ok.
> Call to Notify RUP for RPC () returned ok.
> Call to Notify RUP for Companyweb () returned ok.
> Call to Restricting exhchangeoma to local server only () returned ok.
> Call to Restricting ConnectComputer to local network only () returned ok.
> Call to Setting PassOPTIONSToPublishedServer () returned ok.
> Call to GetInternetServerName () returned ok.
> Call to NotifyProvisioning () returned ok.
> Call to Limiting number of connections () returned ok.
> Call to Sending RUP intro mail () returned ok.
> Call to Saving web publishing selection () returned ok.
> Call to CStingrayCommit::CommitWebPublishingRules () returned ok.
> Call to Creating Web publishing rules () returned ok.
> CStingrayCommit::FixAccessRuleOrders
> Call to Fixing the LAN access rule order () returned ok.
> Call to Fixing the Windows update Access rule order () returned ok.
> Call to Fixing the Internet Access rule order () returned ok.
> Call to CStingrayCommit::FixAccessRuleOrders () returned ok.
> Call to Fixing the access rule order () returned ok.
>
> Error 0xc0040393 returned from call to Saving ISA2k4 changes().
>
> Some configuration changes were not applied. See the Windows event viewer
> for more details.
> at InteropFPCLib.FPCArrayClass.Save(Boolean fResetRequiredServices,
> Boolean fReloadConfiguration)
> at StingrayManagedUtil.StingrayUtil.SaveChangesAndRestartServices()
>
> Error 0xc0040393 returned from call to CStingrayCommit::CommitEx().
>
> calling GetBOConnector ().
> Call to GetBOConnector () returned ok.
> calling spADs->PutEx (ADS_PROPERTY_CLEAR,
> msExchSmtpOutboundSecurityPassword).
> Call to spADs->PutEx () returned ok.
> calling spADs->SetInfo ().
> Call to spADs->SetInfo () returned ok.
>
> ----
> NETWORK SERVICE accounta are fine and there are no custom Sub/Websites.
>
> All Ideas appreciated.
> Solutions Applauded.
>
> ---
> Henry Craven
>


.

---

• Follow-Ups:
  • Re: ISA 2004 on Slipstream SBS 2003
    • From: Henry Craven

• References:
  • ISA 2004 on Slipstream SBS 2003
    • From: Henry Craven

• Prev by Date: Re: Trend Micro SMB v3 Configuration Questions
• Next by Date: RE: Outllok Calendaring Problem
• Previous by thread: Re: ISA 2004 on Slipstream SBS 2003
• Next by thread: Re: ISA 2004 on Slipstream SBS 2003
• Index(es):
  • Date
  • Thread

---

Relevant Pages ISA 2004 on Slipstream SBS 2003 ... Firewall Rule: SBS DHCP Client ... Call to Removing inbound access rule allowing anybody out returned ok. ... Call to Resetting the port mapping list returned ok. ... (microsoft.public.windows.server.sbs) Re: CEICW Error for recreating a new Server Certificate ... I'm trying to change the Server Certificate of my SBS 2003 server. ... Firewall Rule: SBS DHCP Client ... ignoring the error ... Call to Resetting the port mapping list returned ok. ... (microsoft.public.windows.server.sbs) Re: ICW Error ... This newsgroup only focuses on SBS technical issues. ... Error 0x80070057 returned from call to Reading the UPNP selection. ... <Loading port mapping XML ... <Cannot find the firewall rule, ... (microsoft.public.windows.server.sbs) RE: ICW Error ... Please first make a full backup for the SBS 2003 Server. ... Backing Up and Restoring Windows Small Business Server 2003 ... <Firewall Rule: SBS DHCP Client ... (microsoft.public.windows.server.sbs) RE: ICW Error ... This newsgroup only focuses on SBS technical issues. ... Please first make a full backup for the SBS 2003 Server. ... <<Loading port mapping XML ... <<Firewall Rule: SBS DHCP Client ... (microsoft.public.windows.server.sbs)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)