Announcement

Collapse
No announcement yet.

ISA 2006 With NLB not working on Windows 2003 Standard

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • ISA 2006 With NLB not working on Windows 2003 Standard

    although I already posted this in the computer oddies I started to getting annoyed by this issue, so I hope someone could shed some new light on it;

    Lab setup:
    1) 2x Windows 2003 Server Standard (SP2 slipstreamed) with ISA 2006 EE SP1
    2) 2x Windows 2003 Server Enterprise (SP2 slipstreamed) with ISA 2006 EE SP1

    And 1x Windows 2003 Enterprise Server as CSS for both ISA arrays

    Configure NLB on both setups and then create an access rule to allow all outbound traffic between the internal ip addresses of the ISA servers.
    Also disable strict RPC enforcement on the AD tab in the system policies...
    Then review your NLB configuration with NLB manager on one of the ISA servers.

    Setup 2 works fine and you can see both nodes converged correctly.
    However setup 1 don't work. You can't see both nodes with NLB manager and ISA is killing the RPC traffic
    If you re-create the involved system policies manually as access rules and disable the involved system policies it works fine.
    I this case I'm talking to all system policies where RPC is evolved.

    Well, this is giving me the last few days quite an headache.

    Only difference is the OS, Standard vs Enterprise.
    However I run an MD5 hash against all exe files and dll files in the Windows folder for standard and enterprise and the files are identical.


    So my question, Where is ISA going wrong with their strict RPC compliance for this?
    Last edited by Dumber; 25th November 2008, 13:37.
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"


  • #2
    Re: ISA 2006 With NLB not working on Windows 2003 Standard

    Do I always post hard questions or something?
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: ISA 2006 With NLB not working on Windows 2003 Standard

      Additional;

      The involved system policies which I manually recreated as access rules are:
      • Active Directory
      • Microsoft Management Console
      • Array Member Communication
      Marcel
      Technical Consultant
      Netherlands
      http://www.phetios.com
      http://blog.nessus.nl

      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
      "No matter how secure, there is always the human factor."

      "Enjoy life today, tomorrow may never come."
      "If you're going through hell, keep going. ~Winston Churchill"

      Comment


      • #4
        Re: ISA 2006 With NLB not working on Windows 2003 Standard

        I had loads of problems with ISA NLB when the tcp chimney thing was set. Might be worth checking? Other than that, no idea!
        cheers
        Andy

        Please read this before you post:


        Quis custodiet ipsos custodes?

        Comment


        • #5
          Re: ISA 2006 With NLB not working on Windows 2003 Standard

          Well in that case I would assume that Windows 2003 EE would have the same problems.
          Btw, both environments are installed within the same ESX testbox (I love our dual quad core with 16GB memory and 15K disks)
          Marcel
          Technical Consultant
          Netherlands
          http://www.phetios.com
          http://blog.nessus.nl

          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
          "No matter how secure, there is always the human factor."

          "Enjoy life today, tomorrow may never come."
          "If you're going through hell, keep going. ~Winston Churchill"

          Comment


          • #6
            Re: ISA 2006 With NLB not working on Windows 2003 Standard

            Ah sorry, didn't realise they were quite that identical!
            cheers
            Andy

            Please read this before you post:


            Quis custodiet ipsos custodes?

            Comment


            • #7
              Re: ISA 2006 With NLB not working on Windows 2003 Standard

              They are completely identical.
              Same software, same SP levels, same vmware box, same vm client software
              only difference: Windows 2003 EE vs Windows 2003 SE

              This is quite interesting huh?
              Marcel
              Technical Consultant
              Netherlands
              http://www.phetios.com
              http://blog.nessus.nl

              MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
              "No matter how secure, there is always the human factor."

              "Enjoy life today, tomorrow may never come."
              "If you're going through hell, keep going. ~Winston Churchill"

              Comment


              • #8
                Re: ISA 2006 With NLB not working on Windows 2003 Standard

                anybody else?
                Marcel
                Technical Consultant
                Netherlands
                http://www.phetios.com
                http://blog.nessus.nl

                MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                "No matter how secure, there is always the human factor."

                "Enjoy life today, tomorrow may never come."
                "If you're going through hell, keep going. ~Winston Churchill"

                Comment


                • #9
                  Re: ISA 2006 With NLB not working on Windows 2003 Standard

                  Might be worth posting on isaserver.org? Thomas et al may be able to offer ideas?
                  cheers
                  Andy

                  Please read this before you post:


                  Quis custodiet ipsos custodes?

                  Comment


                  • #10
                    Re: ISA 2006 With NLB not working on Windows 2003 Standard

                    Done,
                    http://forums.isaserver.org/NLB_issu...2077383/tm.htm
                    Marcel
                    Technical Consultant
                    Netherlands
                    http://www.phetios.com
                    http://blog.nessus.nl

                    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                    "No matter how secure, there is always the human factor."

                    "Enjoy life today, tomorrow may never come."
                    "If you're going through hell, keep going. ~Winston Churchill"

                    Comment


                    • #11
                      Re: ISA 2006 With NLB not working on Windows 2003 Standard

                      I see from the other forum you haven't sorted this.
                      Maybe it is worth reloading the faulty one to see if it was something else causing the issue. Most odd!
                      cheers
                      Andy

                      Please read this before you post:


                      Quis custodiet ipsos custodes?

                      Comment


                      • #12
                        Re: ISA 2006 With NLB not working on Windows 2003 Standard

                        Already done multiple times.
                        All within a test lab.

                        I believe one of my coworkers on a other department has created a case by MS.
                        Although I might not have an issue, it's weird and not OK in my opinion.
                        There is some kind of differencing with the RPC traffic between 2003 EE and 2003 SE

                        It's just as weird as this one;
                        http://forums.petri.com/showthread.php?t=22564
                        Marcel
                        Technical Consultant
                        Netherlands
                        http://www.phetios.com
                        http://blog.nessus.nl

                        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                        "No matter how secure, there is always the human factor."

                        "Enjoy life today, tomorrow may never come."
                        "If you're going through hell, keep going. ~Winston Churchill"

                        Comment


                        • #13
                          Re: ISA 2006 With NLB not working on Windows 2003 Standard

                          Ok little thing to add.
                          I've done a MD5 hash on all files in C:\windows and sub folders but can't find a difference.
                          Neither something in the registry.

                          There must be an other routine being called.

                          To add, now we have a customer, same config (windows 2003 STD + ISA 2004 EE) and a lot of clients looses there Internet connectivity to one of the servers.
                          Setting the proxy to there fixed IP address (so not the VIP) works fine.
                          Last edited by Dumber; 26th May 2009, 14:55.
                          Marcel
                          Technical Consultant
                          Netherlands
                          http://www.phetios.com
                          http://blog.nessus.nl

                          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                          "No matter how secure, there is always the human factor."

                          "Enjoy life today, tomorrow may never come."
                          "If you're going through hell, keep going. ~Winston Churchill"

                          Comment

                          Working...
                          X