Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Denied Connections

10 views
Skip to first unread message

Smurfman

unread,
Jan 25, 2010, 4:35:02 PM1/25/10
to
I have several clients on my network in which the Microsoft Firewall Client
has stopped talking with ISA Server 2006.

I am running the most currect ISA Client I can fine (based on a KB)

I have uninstalled - rebooted - installed the clients again.

I have rebooted ISA

Some machines are Vista, some are Windows 2003 server, and others are XP

When I try to use the Firewall Client tool and test server connectivity
using FQDN, I get an unable to connect - something related to a network error.

In the ISA server when logging for a particular client I am testing - I see
that the connection attempt is made and 0 bytes transit - the connection is
Denied (port 1745) on a working machine I see one connection with 0 bytes
then a second connecction with some bytes transmitted.

I am stumped.
Any suggestions on how to figure this one out.
J

Jens Baier

unread,
Jan 26, 2010, 12:22:02 AM1/26/10
to
Hi,

> I have several clients on my network in which the Microsoft Firewall
> Client
> has stopped talking with ISA Server 2006.

the Firewall Client support is activated in ISA Server?
Try to reapply the moszt recent ISA Server service pack

--
Gruss Jens
www.it-training-grote.de
www.forefront-tmg.de
https://mvp.support.microsoft.com/profile/Marc.Grote
http://blog.it-training-grote.de

Jens Mander

unread,
Jan 26, 2010, 3:57:54 AM1/26/10
to
hi smurfman,

> When I try to use the Firewall Client tool and test server connectivity
> using FQDN, I get an unable to connect - something related to a network
> error.

have you tried using the ip instead of the fqdn?

--
greets, jens mander...
www.aixperts.de
www.forefront-tmg.de
www.hentrup.net
|<-|

Smurfman

unread,
Jan 27, 2010, 10:39:01 AM1/27/10
to
Tried IP - will not talk

I will try the other suggestion to re-apply service pack.


and I do not follow the question "the Firewall Client support is activated
in ISA Server?" I only have a handful of clients who are behaving this way
and not talking to ISA others are doing so with no issue.

THanks
J

"Jens Mander" wrote:

> .
>

Jens Mander

unread,
Jan 27, 2010, 1:41:47 PM1/27/10
to
hi,

> Tried IP - will not talk

o.k. - so the socket ip:1745 isn't reachable?

> and I do not follow the question "the Firewall Client support is activated
> in ISA Server?" I only have a handful of clients who are behaving this
> way
> and not talking to ISA others are doing so with no issue.

oh plz check this out! properties of internal -> tab "firewallclient". the
fwc support must be activated! if it is try do disable and enable it.

Smurfman

unread,
Jan 28, 2010, 9:21:02 AM1/28/10
to
Tried to disable and re-enable the setting - tested my pc that works in
between - verified that I could not reach ISA. It was a different error.

In monitoring the logs it looks like this:

Denied Connection ISA_SERVER 1/28/2010 9:17:23 AM
Log type: Firewall service
Status:
Rule:
Source: Internal (192.168.1.204:49602)
Destination: Local Host (192.168.1.18:1745)
Protocol: Microsoft Firewall Client (TCP)
User:
Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0 ms Original Client IP: 192.168.1.204
Client agent:


I am stumped.
J


"Jens Mander" wrote:

> .
>

Jens Mander

unread,
Jan 28, 2010, 10:17:39 AM1/28/10
to
hi j,

> Denied Connection ISA_SERVER 1/28/2010 9:17:23 AM
> Log type: Firewall service
> Status:
> Rule:
> Source: Internal (192.168.1.204:49602)
> Destination: Local Host (192.168.1.18:1745)
> Protocol: Microsoft Firewall Client (TCP)
> User:
> Additional information
> Number of bytes sent: 0 Number of bytes received: 0
> Processing time: 0 ms Original Client IP: 192.168.1.204
> Client agent:

the name of the rule which blocks is left blank???
event-log is clear?

Smurfman

unread,
Jan 28, 2010, 2:20:22 PM1/28/10
to
Exactly - its not failing on a rule. And by enabling that setting it should
just allow the connections - which it does for nearly everyone on the network.

Event log shows nothing related to this machine

I was thinking that the machine account might have been disabled - nothing
there.

The user - nothing there.

J

"Jens Mander" wrote:

> .
>

Jens Mander

unread,
Jan 29, 2010, 4:24:59 AM1/29/10
to
hi j,
does the firewallclient ever worked before? and if yes, did you change
anything shortly before the breakdown?

beginning to be stumped to. ;-)

Smurfman

unread,
Feb 9, 2010, 5:02:01 PM2/9/10
to
you will be pleased to know I figured it out.

The isa server changed switches - still same network - but the isa nic was
enabled with Jumbo frames however the new switch was not enabled for jumbo
yet - where as the old switch was.

Made the change and poof all of my clients that would not connect started
talking again.

Thanks for your help.
J

"Jens Mander" wrote:

> .
>

Jens Mander

unread,
Feb 10, 2010, 10:51:22 AM2/10/10
to
hi j,

> The isa server changed switches - still same network - but the isa nic was
> enabled with Jumbo frames however the new switch was not enabled for jumbo
> yet - where as the old switch was.
> Made the change and poof all of my clients that would not connect started
> talking again.

uh - that's a hard one!!!

0 new messages