Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

TMG server stops responding after every restart

Posted on 2012-03-27
4
Medium Priority
?
426 Views
Last Modified: 2015-05-27
Hello

We have strange trouble with TMG server:
It is installed on esx 4.1, OS under TMG is Server 2008 R2 SP1, actual TMG is 2010 SP2, but behaviour was the same in TMG SP1.

We restart the OS, and server hangs during next morning between 8:30 and 10:30 a.m.
Server stops responding to ping from external and internal networks. Login in RDP is not available - it must be done via esx console with server local admin account.
We must stop wspsrv - process manually (service Microsoft forefront firewall hangs in stopping when we attempt to restart the service) and then start Firewall service manually again.

In the event logs are no errors and service state in msc console looks running.


After we restart the process, the server gets to similar state a few times during cca 2-3 hours, we must repeat this 2-3 times and then suddenly everything works correctly and is working until next server restart (patch management etc.)
This behaviour happens again EVERYTIME we restart the server.
Strange is - we restart server at lunch - then all afternoon is the network under load from users and all is OK, in the next morning - happens again.

We installed fresh new Server 2008 R2 with TMG to the same hardware box under esx - import configuration - same behaviour.
No antivirus, backup solution or third party software on new server aplied. Only roles the server hosts is TMG and NPS (only as Radius server).
Service is set as automatic - delayed start.

We did not find any scheduled task that could be related.

Any help would be appreciated.
0
Comment
Question by:dataline
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 12

Expert Comment

by:S00007359
ID: 37774394
Check the Disk I/O from ther performance manager.

i have seen cases like this before. most of the time, the paging and TMG Logging needs to be moved to another dfisk, or a RDM disk, for faster I/O. this causes the firewall service to stop.

give that a shot and see the outcome. alternative is put OS 2008 R2 SP1 and TMG 2010 SP2, on a physical box. it's very disk I/O hungry.

cheers
0
 

Accepted Solution

by:
dataline earned 0 total points
ID: 37837084
Trouble solved - there was too heavy DNS traffic - because of domain name sets in traffic rules - flooding the TMG server.
Solution:
disabling eDNS probe - http://support.microsoft.com/kb/2550719/en-us
and adding DNS role on TMG server
Next step will be lowering number of domain name sets in rules and using URL sets instead
0
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40797863
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A safe way to clean winsxs folder from your windows server 2008 R2 editions
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question