Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

ISA Server already reset the maximal port number to 65535

171 views
Skip to first unread message

Ilya Savchenko

unread,
Mar 24, 2006, 9:33:50 AM3/24/06
to
Hi all.

Sorry for my bad english, but...

I have the problem, with my ISA 2004 SP2.

The Web Proxy filter failed to create a network socket because there are no
available ports on this computer. ISA Server already reset the maximal port
number to 65535. Make sure this is the value at
HKLM\System\CurrentControlSet\Services\TcpIp\Parameters\MaxUsePort and
restart the computer to apply this change.

Worm's - isn't real reason, becouse inside we have Trend Micro antivirus
software on our workstation and servers, at outside we have Cisco FW witch
IDS.

I'm monitoring outbound traffic, and see how webproxy service ewstablished
connection from dynamic local port on my isa to http port 80 on outside
webservers. On each new connection number of local dynamic port increasing
at one, and i see when it reach 65535, then port number reset to 1024 and
increasing over again... but.. some time this not happens and at this time i
see error in Application Log :

The Web Proxy filter failed to create a network socket because there are no
available ports on this computer. ISA Server already reset the maximal port
number to 65535

I do have that registry setting. Am I running out of sockets? Any
explanation?

Thanks


ZVR

unread,
Mar 24, 2006, 10:24:50 AM3/24/06
to
> The Web Proxy filter failed to create a network socket because there are
> no available ports on this computer. ISA Server already reset the maximal
> port number to 65535
>
> I do have that registry setting. Am I running out of sockets? Any
> explanation?

How many internal clients is your ISA serving?

Are you publishing a high-volume web site? If yes, how (all possible
details)

And, what is the session timeout set to in the ISA console? You can play
with that setting and make it a smaller value, which will eventually free up
idle sockets faster.

Virgil


trevor...@gmail.com

unread,
Mar 25, 2006, 2:36:13 AM3/25/06
to
This helped me with this problem.

QUERY DESCRIPTION
=================
The Web Proxy service failed to create a network socket because there
are no available ports on this computer. ISA server already reset the


maximal port number to 65535. Make sure this is the value at

HKLM\System\CurrentControlSet\Service\TcpIp\Parameters\MaxUsePort and


restart the computer to apply this change.

RESOLUTION
==========
1) Check you have the following registry entry set:
HKLM\System\CurrentControlSet\Service\TcpIp\Parameters\MaxUsePort =
65535

2) Please add the following registry key:

HKey_Local_Machine\System\CurrentControlSet\Services\Tcpip\Parameters\TcpTimedWaitDelay
(DWORD) = 30 (Decimal)

3) Please add the following registry key:

HKey_Local_Machine\System\CurrentControlSet\Services\Tcpip\Parameters\Parameters\Tcp\StrictTimeWaitSeqCheck
(DWORD) = 1

4) Finally please reboot the machine

Ori Yosefi [MSFT]

unread,
Mar 26, 2006, 7:21:35 AM3/26/06
to
There may be a few reasons for this:

1. If the MaxUserPort is set to 65535, but the machine is not rebooted.
(e.g. you don't reboot after ISA setup).
2. If you actually run out of available ports.
3. On an OS previous to Windows Server 2003 sp1, in certain conditions, a
connection in TIMED_WAIT state may be reused giving this error. (This may
also occur on Server 2003 SP1, but only in rare conditions).

Do you get these errors a lot? Is it in any specific scenario?

HTH,

Ori.


--
Please do not send email directly to this alias. This alias is for newsgroup
purposes only.This posting is provided "AS IS" with no warranties, and
confers no rights.


"Ilya Savchenko" <is...@tut.by> wrote in message
news:uG8M5$0TGHA...@TK2MSFTNGP11.phx.gbl...

Ilya Savchenko

unread,
Mar 27, 2006, 2:57:35 AM3/27/06
to
Thank's for you answer Ori

i have it one or two time per week, or at all two weeks ISA work fine
without any errors. Of course i can write a script for monitoring this event
and restart web-proxy service, but it's no good resolution


"Ori Yosefi [MSFT]" <or...@online.microsoft.com> wrote in message
news:%23wNDW$MUGHA...@tk2msftngp13.phx.gbl...

Ori Yosefi [MSFT]

unread,
Mar 27, 2006, 3:14:43 AM3/27/06
to
There is no need to restart the machine every time. You only need to restart
in __once__ after setting the registry key (for the registry key to be
effective).

If you have restarted the machine at least once after the key has been set
and you are still getting this, you can also try to lower the
TcpTimedWaitDelay to 30, which means that the connections will stay in
TIMED_WAIT state for only 30 seconds instead of 240. This lowers the chance
of the same port being reused by TCP.

Here are a couple of links about the matter:
http://www.winguides.com/registry/display.php/878/
http://technet2.microsoft.com/WindowsServer/en/Library/38b8bf76-b7d3-473c-84e8-e657c0c619d11033.mspx

BTW, which version of Windows are you using?

Hope this helps,

Ori.

--
Please do not send email directly to this alias. This alias is for newsgroup
purposes only.This posting is provided "AS IS" with no warranties, and
confers no rights.


"Ilya Savchenko" <is...@tut.by> wrote in message

news:OnfOfQXU...@TK2MSFTNGP09.phx.gbl...

isava

unread,
Mar 28, 2006, 2:18:18 AM3/28/06
to
Thanks for you answer Ori, i will try this solution, becouse this problem is
whery important for me.
I'm using Win2K3 SP1 and ISA 2004 SP2 on Fujitsu-Siemens PRIMERGY SERVER
RX300 S2


"Ori Yosefi [MSFT]" <or...@online.microsoft.com> wrote in message

news:Og9gCaXU...@TK2MSFTNGP11.phx.gbl...

0 new messages