Solved

Issue with HTTP/RPC after network disconnect failure

Posted on 2009-04-02
9
467 Views
Last Modified: 2012-05-06
My setup is ISA SERVER 2006 >>> Exchange 2003. The isa server is also the dhcp server and the exchange server is also the internal, dns and active directory server.  I have no front end server.

The issue is that after a network disconnect with my ISP, the exchange server publshing rule (OWA and HTTP/RPC) will not work. Internet works fine and I can even access other published sites from the isa server. however, http/rpc connections from window mobile phones, external outlook clients and OWA access will not work until I restart the ISA Firewall service.
0
Comment
Question by:mcolommena
  • 5
  • 4
9 Comments
 
LVL 12

Expert Comment

by:Alan3285
ID: 24056261
Hi,

What happens from outside when you go to:

https://server.domain.com/exchange

Can you telnet to this:

telnet server.domain.com 443

Thanks,

Alan.
0
 

Author Comment

by:mcolommena
ID: 24058163
I have not tried to telnet, but on the browser if i type https://server.domain.com/exchange, whih typically brings up my owa, i geta page cannot be displayed error.
0
 
LVL 12

Expert Comment

by:Alan3285
ID: 24065726
Please can you try the telnet, and see what happens (I am guessing you'll get no response, but let's try anyway).

If that is the case, then it seems most likely either the perimiter firewall / router - what do you have on the perimeter?

Or, if not that, then either the ISA server itself or the exchange server.

Depending on your LAN layout, is there any machine or device that is outside the ISA server, but inside the perimeter?  If so, can you try telnet (or browser) from there?

Also, can you connect to OWA from inside the ISA server (I am guessing about your network config, but perhaps your own workstation is inside the ISA server and on the same subnet as the exchange server?)  If so, try connecting to OWA from your workstation:

https://server/exchange

where server is either the internal hostname or IP of the exchange server.

Thanks,

Alan.
0
Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:mcolommena
ID: 24066790
telnet does not work from the outside. however, it does work from the inside. Meaninig that from within the local lan the services are up on the exchange. They just do not work form the outside. This happens everytime that the isp phyiscal connection on the external wan card of the isa server gets reset. meaning that the netowrk card sees a disconnect and a reconnect. the isp rebooting thier router.
0
 
LVL 12

Expert Comment

by:Alan3285
ID: 24070060
Is your ISA server's WAN-side NIC connected to an ADSL modem or a fibre termination or something?
If so, I wonder if there is some interaction there causing a problem?

Not sure how easy this will be for you (depends on whether you have a spare router lying around), but you could try putting an additional NAT router between the 'modem' (whatever is there) and the ISA server.

You'll need to setup the router to pass through outbound (might as well be everything initially at least since this is not a security measure), and make sure you port-forward whatever you need to come in (443, 25, etc etc)

That way, the ISA Server won't see a network disconnect (it will be the new router that sees the disconnect)

Nothing inside changes as the ISA Server is still the main firewall and DHCP.

Does that make any difference?

Alan.
0
 

Author Comment

by:mcolommena
ID: 24692579
Alan...... Sorry I have not commented... I will try this and let you know.
0
 
LVL 12

Expert Comment

by:Alan3285
ID: 24695808
No worries.  I guess you are still having the issues!

Post back when you can.

Alan.
0
 

Author Comment

by:mcolommena
ID: 25123982
Yes, still the same issue.
0
 
LVL 12

Accepted Solution

by:
Alan3285 earned 500 total points
ID: 25131012
Hi,

Do you mean you tried the additional router suggestion?

If so, your ISA server should not be seeing any disconnects now?

Alan.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Block Homail Using ISA 2004 5 364
TMG 2010 ISP Redudancy 29 987
ISA Replacement 8 117
MS Forefront TMG 2010 blocking legitimate websites 1 29
ISA Server detected routes through the network adapter LAN that do not correlate with the network to which this network adapter belongs What does this mean and how can one go about correcting it? In simple terms, this error message indicates t…
Forefront is the brand name for Microsoft's major security product. Forefront covers a number of specific security areas and has 'swallowed' a number of applications under this umbrella including Antigen, ISA Server, the Integrated Access Gateway (t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question