ISA 2006 Disable Lockdown on log failure

In Microsoft ISA Server, alerts can be configured to shut down the Microsoft Firewall service when situations that raise specific events occur. Whenever the Firewall service shuts down, ISA Server goes into lockdown mode, in which only specific types of traffic are allowed. ISA Server can leave lockdown mode only when the Firewall service is restarted. By default, the built-in Log failure alert shuts down the Firewall service. This alert is triggered by the Log failure event, which is raised when a logging failure occurs. You can prevent logging failures from causing ISA Server to go into lockdown by disabling the action of the Log failure alert that shuts down the Firewall service.

Microsoft have documented this on Microsoft Technet, although this solution is documented for ISA 2004, it seems to work just fine for ISA 2006. The only problem I encountered is that the script on Technet seems to have be “text wrapped” so it comes up with syntax errors.

 

***WARNING***

I am not in any way suggesting that this script should be run on your ISA servers. Lockdown mode is not a bug and was included in the product by design, there are many reasons why it is a good thing so my advice is that you consider all options very carefully before running this script. ALWAYS backup your configuration first!!

 

I have corrected the syntax errors, DisableLockdownOnLogFailure.vbs can be downloaded here