Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

You receive a "Resource allocation failure" alert on your Internet Security and Acceleration Server 2006, ISA Server 2004, Forefront Threat Management Gateway Medium Business Edition, or Windows Essential Business Server 2008 computer


View products that this article applies to.

Symptoms

On your Microsoft Internet Security and Acceleration (ISA) Server computer or Microsoft Forefront Threat Management Gateway, Medium Business Edition computer, the following alert may appear in the Management tool after you expand your ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition computer name, click Monitoring, and then click the Alerts tab:
Resource allocation failure
The alert description is similar to the following:
Description: The Web Proxy filter failed to bind its socket to IP_address port 80. This may have been caused by another service that is already using the same port or by a network adapter that is not functional. To resolve this issue, restart the Microsoft Firewall service. The error code specified in the data area of the event properties indicates the cause of the failure. The failure is due to error: 0x80072740.
Note The same description is repeated for the IP address 127.0.0.1.

If you restart the Microsoft Firewall service, the alert is logged again.

When you receive the alert, you may experience either or both of the following symptoms:
  • Clients that are configured to use automatic discovery cannot connect to the ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition computer.
  • Users cannot connect to a Web site that is published through a Web publishing rule on your ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition computer. The Web publishing rule uses a listener that is configured to use port 80.

↑ Back to the top


Cause

This issue occurs if the following conditions are true:
  • You have other programs installed on your ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition computer. For example, you are running Microsoft Internet Information Services (IIS).
  • Another program is already using the port that ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition needs for a listener. For example, ISA Server creates listeners for Web publishing rules and for components, such as automatic discovery, Web Proxy, and the Firewall Client.
Note A resource allocation failure means that two programs are trying to bind to the same socket. A socket is the combination of the IP address and the port.

↑ Back to the top


Workaround

For ISA Server

To work around this issue, do not configure ISA Server and another program to use the same socket. If you can, remove any programs that are installed on your ISA Server computer and that may be using a port that ISA Server needs for a listener. If IIS is the other program that is running on your ISA Server computer, you can do any one of the following:
  • Remove IIS if you are not using it.
  • Disable socket pooling in IIS, and then configure IIS to listen on any port besides port 80 and port 8080. Also, make sure that you configure IIS to listen only on a specific IP address.

    Note In Microsoft Windows 2000 Server, IIS is installed by default. Also, the default installation listens on all unassigned IP addresses.

    For additional information about how to disable socket pooling if ISA Server 2004 is installed on a Windows 2000 Server-based computer, click the following article numbers to view the articles in the Microsoft Knowledge Base:
    238131 How to disable socket pooling
    259349 IIS binds to all available IP addresses when it starts

    For additional information about how to disable socket pooling if ISA Server 2004 is installed on a Microsoft Windows Server 2003-based computer, click the following article number to view the article in the Microsoft Knowledge Base:
    813368 Setting metabase property DisableSocketPooling has no effect in IIS 6.0
    Note If IIS is installed on your ISA Server computer, and you want to use automatic discovery, we recommend that you configure IIS to use another port instead of port 80. ISA Server 2004 uses TCP port 80 to publish automatic discovery information. If you do configure IIS to use another port, users must specify a port if they connect to a Web site that is published directly on your ISA Server computer.
  • Disable socket pooling, and let IIS listen on port 80 for any network except for the external network. If you do this, remember that automatic discovery will not work.

For Microsoft Forefront Threat Management Gateway, Medium Business Edition

Uninstall any other program that may be using these ports, such as port 80.

↑ Back to the top


More information

For additional information about how to publish a Web site directly on your ISA Server 2004 computer, click the following article number to view the article in the Microsoft Knowledge Base:
885186 How to publish a Web site directly on your Internet Security and Acceleration Server 2004 computer

↑ Back to the top


Keywords: KB888650, kbprb, kbfirewall, kbtshoot, kbisa2006swept

↑ Back to the top

Article Info
Article ID : 888650
Revision : 2
Created on : 12/29/2008
Published on : 12/29/2008
Exists online : False
Views : 448