Solved

ISA Firewall Lockout, Ceases internet traffic

Posted on 2011-02-10
3
780 Views
Last Modified: 2012-05-11
Hi Experts,

I have an intermitant issue with our firewall that ceases internet traffic. I can RDP into my firewall but cant find anything in the logs.

when I check my External NIC it is not sending or recieving any packets. if I try to disable/enable the nic that doesnt work either.

then I try to restart my ISA services through services mmc but it gets stuck at the windows firewall and takes about 20 mins to stop that service but still after that I cannot enable my nic back. this is the time I need to restart my server and then everything starts running, internet is back.

I understand it wont be an easy fix and some monitoring needs to be done but I need ideas on how to approach this.

it only happens once in 2 weeks to 4 weeks.
0
Comment
Question by:Key2IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 300 total points
ID: 34868415
The fact that it is intermittent suggests that it is an underlying OS/hardware issue on the the ISA Server machine rather than an ISA Server application issue. The only time ISA will actually stop traffic completely is if something has triggered an alert regarding TCP connections and you would have seen this in the alerts section if this had been the case.

Is the ISA Server host fully patched up and ISA 2006 SP1 deployed?
Is the host hardware fully updated - bios/firmware/drivers?

What is on the outside of ISA? Router? Another firewall? Anything alerting on that box? Are all conecctions forced to use the correct speed/connection type or are things left to the autonegotiate state?
0
 
LVL 12

Assisted Solution

by:Amit Bhatnagar
Amit Bhatnagar earned 200 total points
ID: 34885279
I would agree with Keith. I worked on a similar issues for about 3 weeks before realizing that it was a faulty NIC issue. Is the ISA dropping \Not responding to packets on both interfaces or just one?
0
 

Author Comment

by:Key2IT
ID: 34921419
Sorry guys havnt been able to reply. I'm waiting for it to crash again so I can do some more testing but hasnt dies since 9 days.
will keep you posted.

Cheers
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ASA 5512 LAN Config 16 101
MS Forefront TMG 2010 blocking legitimate websites 1 52
MS Endpoint Protection 2 71
NTP time source for DC 3 44
I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question