Event ID 4963 Expand / Collapse
Author
Message
Posted 1/25/2010 12:19:37 PM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: Forum Members
Last Login: 2/25/2010 10:52:17 AM
Posts: 1, Visits: 2
We see this even very frequently while running a system implementing domain isolation with Windows Firewall and Server 2008.

We generally isolated the cause to be the following:

Windows Firewall is quite flaky. Any change to its configuration appears to cause the entire service to reset (there is even a few seconds where the system appears to be running open without the firewall at all, and will respond to pings it should block). This causes all existing IPsec SAs to be dropped, and from then onwards all incoming packets will be dropped and this event will be logged.

We even found that a background group policy update sometimes triggered a firewall reset even when no changes were made to the firewall config.

Post #301
Posted 3/10/2010 5:36:52 PM
Expert

ExpertExpertExpertExpertExpertExpertExpertExpert

Group: Administrators
Last Login: 4/20/2009 7:57:33 AM
Posts: 329, Visits: 0
Wow, thank you for the information.  What version exactly?  Wonder if it changes on Win2008 R2
Post #329
« Prev Topic | Next Topic »


Permissions Expand / Collapse

All times are GMT -5:00, Time now is 8:37am