[500 Points] Timeout Issues on ISA 2004 w/ Surf Control 5.0 & Pix

I have several hundred machines in a AD2000 domain, with an ISA 2004 Firewall w/ Surf Control (3rd Party) for proxy functions in a back to back config with a Pix firewall. I have an internet based application that uses SSL (443) and I'm experiencing Timeout issues (10060). The configuration has been working fine, and this issue just started a week ago. The ISA query log shows SSL transactions that occasionally fail (no authentication) but it's only 1 in 5, but produces a timeout. When I bypass the proxy, by removing the entry in Internet Explore Proxy settings, this resolves the issue.

I have a dual NIC installed with an Outside / Inside configuration. The server only has 1gig of Ram, and is a single processor 1.2Ghz with the latest bios, and drivers.

I have already done the following:
1. DNS is configured correctly
2. Both ISA & Surf Control have recently been re-installed with no resolve
3. Replaced patch cord, used additional port
4. No changes on the router and the routing and tables look fine.
5. Increased the Cache size on the NIC cards per this forum.
6. Turned off http compression, and other filters per this forum.
7. enabled pMTUDiscovery and other registry options per this forum.
8. Increased TCP/IP receive window per this forum
9. Checked that ISA was routing and no NAT enabled

Though all of these have improved matters and decreased the frequency of the timeout issues, I am still receiving them.
In the ISA firewall log (query based) I am seeing a result pertaining to Graceful Shutdown and Failed/Denied transcations

Question: Is it RAM and/or processor related or is this an AD authentication issue?


dlee9Asked:
Who is Participating?
 
Keith AlabasterEnterprise ArchitectCommented:
Sorry Dlee, I've been away all of today with my kids.
If you post a question (its free) in the community section, a moderator will PAQ the question here and refund your points.
Regards
Keith
ISA MCT
0
 
dlee9Author Commented:
I answered my own question.
For the benefit of those that have had similar issues.. the following website offers all the information you need

http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/client_ssl.mspx?pf=true
0
 
Keith AlabasterEnterprise ArchitectCommented:
Thank You :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.