Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Forefront TMG 2010 Firewall Service-based member of a Forefront TMG array stops responding when another Forefront TMG Firewall Service-based member is stopped


View products that this article applies to.

Symptoms

Consider the following scenario:
  • Two members of a Microsoft Forefront Threat Management Gateway (TMG) array host Forefront TMG 2010 Firewall Service.
  • You stop one member of the Forefront TMG array.
In this scenario, the other member stops responding to requests. Additionally, the FWX_E_IS_BUSY error is logged in the Firewall log.

↑ Back to the top


Cause

This issue occurs because a continuous loop that creates new connections is formed between the Forefront TMG Firewall Service (fweng) driver and an instance of Forefront TMG Firewall Service. Therefore, the FWX_E_IS_BUSY error is logged in the Firewall log after a while, and the instance of Forefront TMG Firewall Service stops responding.

This loop occurs when a connection for a data pump is routed to the same local address that initiated the data pump.

Notes
  • When this issue occurs, Web publishing fails, and then an instance of the 500 internal server error occurs. Also, flood mitigation quotas are reached, and then some alerts are raised.
  • The communication between the two instances of Forefront TMG Firewall Service uses remote procedure calls (RPC). This RPC traffic is the traffic that initiates the continuous loop that creates new connections.
  • The Windows dead gateway detection mechanism of Forefront TMG Firewall Service routes the data pump traffic to the same local address.

↑ Back to the top


Resolution

Update information

To resolve this issue, install the software update that is described in the following Microsoft Knowledge Base (KB) article:
2433623 Software Update 2 for Microsoft Forefront Threat Management Gateway (TMG) 2010 Service Pack 1

↑ Back to the top


Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

↑ Back to the top


References

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

↑ Back to the top


Keywords: kbqfe, kbfix, kbexpertiseinter, kbsurveynew, kb

↑ Back to the top

Article Info
Article ID : 2445979
Revision : 2
Created on : 9/26/2018
Published on : 9/26/2018
Exists online : False
Views : 284