If you’ve had a chance to read about resource requirements for Outlook RPC/HTTP, you probably know that it requires more connections through the ISA firewall than OWA and other connection types. Each connection requires a socket (protocol+port+IP address combination).
There are a limited number of sockets available on the ISA firewall (and any other networked device, for that matter). Once the total number of available sockets is exhausted, communications begin to slow and eventually stop. That’s why it’s important that you size your ISA firewall array appropriately before deploying a remote access strategy to Exchange through ISA firewalls.
Yuri Diogenes points out an interesting case he ran into when troubleshooting an RPC/HTTP problem. It turned out that that the ISA firewall in question had run out of sockets. What’s very interesting about his solution is that he was able to leverage the netstat tool to figure out what the problem is. Check out Yuri’s article at:
Make sure you check out the link Yuri mentions in his post regarding Port Exhaustion. This is a link to a directory services team blog post about how to use netstat to diagnoses port exhaustion problems. This is a must read for all Microsoft networking pros.
HTH,
Tom
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: [email protected]
MVP — Forefront Edge Security (ISA/TMG/IAG)