[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

[500 Points] Timeout Issues on ISA 2004 w/ Surf Control 5.0 & Pix

Posted on 2006-04-08
4
Medium Priority
?
353 Views
Last Modified: 2013-11-16
I have several hundred machines in a AD2000 domain, with an ISA 2004 Firewall w/ Surf Control (3rd Party) for proxy functions in a back to back config with a Pix firewall. I have an internet based application that uses SSL (443) and I'm experiencing Timeout issues (10060). The configuration has been working fine, and this issue just started a week ago. The ISA query log shows SSL transactions that occasionally fail (no authentication) but it's only 1 in 5, but produces a timeout. When I bypass the proxy, by removing the entry in Internet Explore Proxy settings, this resolves the issue.

I have a dual NIC installed with an Outside / Inside configuration. The server only has 1gig of Ram, and is a single processor 1.2Ghz with the latest bios, and drivers.

I have already done the following:
1. DNS is configured correctly
2. Both ISA & Surf Control have recently been re-installed with no resolve
3. Replaced patch cord, used additional port
4. No changes on the router and the routing and tables look fine.
5. Increased the Cache size on the NIC cards per this forum.
6. Turned off http compression, and other filters per this forum.
7. enabled pMTUDiscovery and other registry options per this forum.
8. Increased TCP/IP receive window per this forum
9. Checked that ISA was routing and no NAT enabled

Though all of these have improved matters and decreased the frequency of the timeout issues, I am still receiving them.
In the ISA firewall log (query based) I am seeing a result pertaining to Graceful Shutdown and Failed/Denied transcations

Question: Is it RAM and/or processor related or is this an AD authentication issue?


0
Comment
Question by:dlee9
  • 2
3 Comments
 

Author Comment

by:dlee9
ID: 16408930
I answered my own question.
For the benefit of those that have had similar issues.. the following website offers all the information you need

http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/client_ssl.mspx?pf=true
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 1000 total points
ID: 16409000
Sorry Dlee, I've been away all of today with my kids.
If you post a question (its free) in the community section, a moderator will PAQ the question here and refund your points.
Regards
Keith
ISA MCT
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16626355
Thank You :)
0

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Loops Section Overview
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month18 days, 1 hour left to enroll

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question