As per Microsoft: "If your server is running Internet Security and Acceleration (ISA) Server, then at midnight ISA Server creates a new MSDE instance to store the next day's logging information for the Web and proxy traffic. If a backup is also a scheduled to begin at midnight, there is a conflict between the ISA Server MSDE instance and the backup process, and this conflict causes the server to lock down.
To exit the lockdown, restart the Microsoft Firewall service. To prevent this issue in the future, schedule the server backup to start at either 11:30 P.M. or 12:30 A.M. This ensures that there is no conflict between the ISA Server MSDE instance and the backup process". See the link to "TechNet - The server locks down reporting Event ID 21192" for additional information.
The server had a 21192 error in the event log. The ISA Server Web filter was unable to connect to MSDE database. The MSDE error description was: “Could not perform the requested operation because the minimum query memory is not available. Decrease the configured value for the “min memory per query” server configuration option. The statement has been terminated”. Then an informational event with Microsoft Firewall service being terminated gracefully was logged.
Restarting the MS Firewall service (ISA) would yield the same error. I had to restart the MSDE database (MSSQL$MSFW) and then MS Firewall for it to start.
- Error: "Timeout expired" - From a newsgroup post: "This problem can be due to a timeout connecting to the MSDE database. By default, the time out is set to 15 seconds. On large databases, if the ISA server has multiple purposes (Exchange, DC, SQL) this can become a problem as resources are not always available within the default timeout period. This timeout can be edited via the following registry value:
DatabaseQueryTimeout - RegDword
You may set this value to 300 decimal to provide a large enough timeout window to avoid this problem".