ISA 2006 problems

I have ISA server 2006 sp1 on windows 2003 sp2 working in Active directory Domain
having the errors
Kerberos Event ID 4 and Event ID 5719 Authentication failure ( tried to test with \\domain name\sysvol\domain name give logon failure)

puplished exchange server donot work ( out side users web logon or pop3 report that they cannot access the mail and keep asking about the password again and again all internal users have no problems working with MAPI and connected directly to exchange server) I think this problem related to the event ID 4 and 5719

All internal users can access internet without problem

all other servers have no problem related to Active directory domain controllers or member servers
Who is Participating?
AhmedAwadConnect With a Mentor Author Commented:
I have solved this issue by deleting the isa computer account in ths active directory and rejoining again it solve this issue and still have one problem that the web based users cannot log in to exchange but POP3 users can without problem this is my problem now
How many nics do you have?
AhmedAwadAuthor Commented:
I have 2 NICs Cars
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

That might be the issue, instead of ISA.

Nics bind certain services and communications protocols to it. So, if you have two nics, the server might be confused.

ISA is a prolific firewall that will block connections unless configured right. However, if two nics are on the server, you may be looking at the server looking happy, but is confused as to what nic it needs to go out on for proper communications. Usually when I see the error of 5719, it means that the server is confused as to what nic it needs to go out on for these services, while the client is hounding it for services. Also, it could mean that you are using 2003 server SP1 and the MTU channels are incorrect.

Let me give you a thread to go to. This will allow you to look at the communications protocols needed for domain services. This includes, DHCP, DNS, netbios and internet services through a gateway. Please follow the steps to configuring both nics. If at all possible, disable the second nic thereafter. Only one connection to a small domain of, let's say 250 nodes or less, is needed.
AhmedAwadAuthor Commented:
The 2 NICs one for wan connection and the other is for Lan as its working as ISA server this can't be a problem as the ISA manage connections
Go to the command prompt and type:

Ipconfig /flushDNS
Net stop netlogon
Net start netlogon

Then, verify your SRV records in DNS are not pointing to the OUTSIDE nic.
This is best resolved in Exchange zone under a new question. You should accept your answer  ID: 24405552 for this question to get a refund of points, then open up a new question for exchange. If Mestha/Simon replies, your looking at one of the best exchange administrators I have ever seen.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.