This article was previously published under Q319381
This article has been archived. It is offered "as is" and will no longer be updated.
When you use the Microsoft Media Server - Universal Datagram Protocol (MMSU) protocol from a Windows Media Player client that is behind an ISA Server computer, the Windows Media Player client may not work when it is connected to an external Windows Media Services resource that is hosting a server-side playlist and you try to move from one item in the server-side playlist to another.
You only see these symptoms when you connect to the server-side playlist host from a computer that is using the firewall client. Secure network address translation (SecureNAT) clients do not experience this issue.
Note that you only see the issue when you use MMSU to connect. If you instead use Microsoft Media Server - Transmission Control Protocol (MMST) to connect, you do not experience this issue. Also, the Windows Media Player client may not work if you connect by using Microsoft Media Server (MMS). By default, MMS tries MMSU first.
When the Windows Media Player client moves to the next item in the server-side playlist, it closes and releases the Universal Datagram Protocol (UDP) port that was previously negotiated with the Streaming Media application filter in ISA (ISA Server installs the application filter in integrated and firewall mode). When the Windows Media Player client later tries to reuse this UDP port by binding it again, the port has already been closed on the ISA Server, and the packet filter driver in ISA drops the incoming MMSU UDP packets.
Even if you permit the Windows Media Player client to reuse the previously released UDP port by binding it again, a race condition may occur. For example, this may occur if the Windows Media Player client tries to reuse the UDP port before it has been properly freed at the ISA server. In this case, ISA returns an error to the Windows Media Player client indicating that the port is already in use (WSAEADDRINUSE). This potential race condition, which leads to the "Address already in use" error message, is also resolved in the hotfix that is described in this article.
You must install ISA Server Service Pack 1 (SP1) before you install the following hotfix. For additional information about how to obtain the latest ISA Server service pack, click the following article number to view the article in the Microsoft Knowledge Base:
313139 How to obtain the latest Internet Security and Acceleration Server 2000 service pack
A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.
If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.
Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.
To install the fix, run the self-extracting file. You do not have to restart the ISA Server computer. If the computer is part of an ISA Server array, you do not have to shut down the whole array. You can install this fix on a one-by-one basis.
The English version of this hotfix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
Date Time Version Size File name ----------------------------------------------------------- 03-Nov-2002 10:48 3.0.1200.183 176,912 Mspadmin.exe 03-Nov-2002 10:48 3.0.1200.183 99,600 Msphlpr.dll 03-Nov-2002 10:48 3.0.1200.183 62,736 Strmfltr.dll 03-Nov-2002 10:47 3.0.1200.183 388,368 W3proxy.exe 03-Nov-2002 10:48 3.0.1200.183 297,232 Wspsrv.exe
This fix also applies to the French, German, Spanish, and Japanese versions of ISA Server.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Before you install the hotfix that this article describes, you may notice port scan events that are similar to the following in the application event log:
Event Type: Warning Event Source: Microsoft ISA Server Control Event Category: Packet filter Event ID: 15104 Description: ISA Server detected a well-known port scan attack from Internet Protocol (IP) address 10.10.10.10. A well-known port is any port in the range of 1-2048. For more information about this event, see ISA Server Help.
Event Type: Warning Event Source: Microsoft ISA Server Control Event Category: Packet filter Event ID: 15105 Description: ISA Server detected an all port scan attack from Internet Protocol (IP) address 10.10.10.10. For more information about this event, see ISA Server Help.
The IP address in these events typically comes from the Windows Media Services resource that is hosting the server-side playlist.
Microsoft Internet Security and Acceleration Server 2000 Standard Edition, Microsoft Internet Security and Acceleration Server 2000 Service Pack 1, Microsoft Web Services Enhancements for Microsoft .NET 1.1