ISA 2004 RPC issues

Posted on 2007-11-16
Last Modified: 2010-05-18
My question would be:
How do I resolve the RPC/connectivity issues within my ISA 2004 server?
Details/Description:

After installing ISA 2004, regardless of applying Service Packs, I receive Netlogon Errors (EVENT ID 1053): Windows cannot determine the user or computer name. (The RPC server is unavailable. ). Group Policy processing aborted.
If I try to add a domain user to the Administrators group of the server, I receive a message:
RPC server unavailable.
The server logs the following error:
This computer was not able to set up a secure session with a domain controller in domain MYDOMAIN due to the following:
The RPC server is unavailable.  
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator
It's acting like ISA is blocking RPC traffic.
There is a tremendous pause when logging on to the machine with a Domain account.  ISA does function, though.  If I set up VPN, create a local user, then I can log in.  If I try to VPN using a domain account, I cannot log in.
When I run netdiag, without ISA 2004, all looks ok (everything passes)
When I run netdiag, with ISA, I get error, referencing DSbind

Server/Device Info:
ISA 2004 (SP3) - Although issue seems to occur on each SP
Windows Server 2003 R2

I appreciate any help and suggestions!
Question by:smcmcnutt
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20300051
ISA WILL be blocking rpc traffic unless you have told it not to.

Have you got a rule from internal & local host TO internal & local host - all protocols?
Have you turned off RPC Strict Compliance?
0
 

Author Comment

by:smcmcnutt
ID: 20300122
Keith-
Yes, on rule
Yes, RPC Strict Compliance is turned off
Thank you!
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 20300168
Open the ISA gui, select monitoring - logging - click start query.
What do you see appear in the real time log?

Are you sure it is rpc that is failing rather than Kerberos calls etc?
What ISA SP are you running?
Have you run up the ISA BPA?
http://www.microsoft.com/downloads/details.aspx?FamilyId=D22EC2B9-4CD3-4BB6-91EC-0829E5F84063&displaylang=en
needs .net 1.1

You are on 2003 R2? Are you running SP2 also?
This might be worth a look (ISA runs NAT as you can imagine)
http://support.microsoft.com/kb/927695
0

 

Author Comment

by:smcmcnutt
ID: 20300248
Keith-
Found these 2 failed events in logging (in order)
Failed Connection Attempt SVRDC026 11/16/2007 10:22:24 AM
Log type: Firewall service
Status: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.  
Rule: Allow RPC from ISA Server to trusted servers
Source: Local Host ( 192.168.28.10:1589)
Destination: Internal ( 192.168.28.3:135)
Protocol: RPC (all interfaces)
User:  

Denied Connection SVRDC026 11/16/2007 10:22:17 AM
Log type: Firewall service
Status: A TCP packet was rejected because it has an invalid sequence number or an invalid acknowledgement number.
Rule:  
Source: Internal ( 192.168.28.3:135)
Destination: Local Host ( 192.168.28.10:1589)
Protocol: Unidentified IP Traffic (TCP:1589)
User:  
 Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 192.168.28.3
Client agent:  


**.10 being ISA .3 being local DC
Not sure about Kerberos vs RPC.  I do not see Kerberos ERRORS, Just the RPC.
Yes 2003 R2, Yes SP 2.
Reading article, now.

I did run BPA.  DID squawk about RSS also (in regards to your comment)
Much Appreciated!
0
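The two log entries in the comment above form a recognisable pair: an outbound attempt from the ISA host to the DC on port 135 that times out, and the DC's reply on the mirrored flow rejected for an invalid sequence/acknowledgement number. The following is an added example, not part of the original thread, that finds such pairs in log text pasted in the same layout; the function names and the 30-second window are assumptions.

```python
import re
from datetime import datetime, timedelta

# Two entries from the post (abridged) plus one constructed 10.0.0.x entry that must not match.
SAMPLE = """\
Failed Connection Attempt SVRDC026 11/16/2007 10:22:24 AM
Status: A connection attempt failed because the connected party did not properly respond after a period of time
Source: Local Host ( 192.168.28.10:1589)
Destination: Internal ( 192.168.28.3:135)

Denied Connection SVRDC026 11/16/2007 10:22:17 AM
Status: A TCP packet was rejected because it has an invalid sequence number or an invalid acknowledgement number.
Source: Internal ( 192.168.28.3:135)
Destination: Local Host ( 192.168.28.10:1589)

Denied Connection SVRDC026 11/16/2007 10:25:00 AM
Status: A TCP packet was rejected because it has an invalid sequence number or an invalid acknowledgement number.
Source: Internal ( 10.0.0.5:445)
Destination: Local Host ( 10.0.0.1:2000)
"""

HEAD = re.compile(r"^(Failed Connection Attempt|Denied Connection) \S+ (.+ [AP]M)$")
ENDPOINT = re.compile(r"\(\s*([\d.]+):(\d+)\)")

def parse(text):
    """Turn blank-line-separated log entries into dicts; endpoints become (ip, port)."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        first, *rest = block.strip().splitlines() or [""]
        m = HEAD.match(first.strip())
        if not m:
            continue
        e = {"kind": m[1], "time": datetime.strptime(m[2], "%m/%d/%Y %I:%M:%S %p")}
        for line in rest:
            key, _, val = line.strip().partition(":")
            ep = ENDPOINT.search(val)
            e[key.lower()] = (ep.group(1), int(ep.group(2))) if ep else val.strip()
        entries.append(e)
    return entries

def correlate(entries, window=timedelta(seconds=30)):
    """Pair a failed attempt with a reply rejected for bad seq/ack on the mirrored flow."""
    hits = []
    for f in (e for e in entries if e["kind"] == "Failed Connection Attempt"):
        for d in (e for e in entries if e["kind"] == "Denied Connection"):
            gap = abs(f["time"] - d["time"])
            mirrored = (d.get("source"), d.get("destination")) == (f.get("destination"), f.get("source"))
            if mirrored and gap <= window and "invalid sequence number" in d.get("status", ""):
                hits.append((f["source"], f["destination"], int(gap.total_seconds())))
    return hits
```

Each hit is a tuple of source endpoint, destination endpoint and the gap in seconds between the two entries.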
 

Author Comment

by:smcmcnutt
ID: 20300331
KEITH!
I think it was the RSS!!!
I just need to verify a few things before the reward.
I am no longer seeing the netlogon errors!
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20300971
Excellent.
0
 

Author Closing Comment

by:smcmcnutt
ID: 31409580
Keith-
The MS article regarding RSS was the key.
I appreciate your help on this instance, as well as your other posts, which have helped tremendously in the past!!
Cheers!
0
 
LVL 17

Expert Comment

by:Jared Luker
ID: 20787058
I had this exact same issue with Server 2003 R2 sp2.

The RSS reg tweak fixed it!  Thanks to Keith
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20790784
Welcome :)
0
