Re: Problem with updates
- From: "DennisG" <d.gaither@xxxxxxxxxxxxxxx>
- Date: Thu, 5 Feb 2009 10:53:16 -0700
Thanks Phillip, I will try the rule for the McAfee update once I figure out
which protocal it needs.
Yep, I figured it would probably be best just to put the client software in
a location that everyone can get to already. Thanks for the advice on that
too.
Also, I did setup the Auto Discovery using wpad but when I tell the client
to auto discover it does not find the ISA Server. However if I enter the
specific name of the ISA server it communicates with it immediatly. Hmmmm
One other problem I am having is that I cannot get connected from outside
via VPN. I configured ISA from the start to accept VPN but I just can't get
connected. It has me baffled because all of my rules & policies seam to be
in order. What might some of the common problems be in regards to this?
Thank you again for all of your advice.
"Phillip Windell" <philwindell@xxxxxxxxxxx> wrote in message
news:O5TeKZ7hJHA.1172@xxxxxxxxxxxxxxxxxxxxxxx
"DennisG" <d.gaither@xxxxxxxxxxxxxxx> wrote in message
news:eHHPeb5hJHA.4556@xxxxxxxxxxxxxxxxxxxxxxx
Anyway, before I installed ISA, I had my McAfee updates being "pushed" to
this new server (running Windows Server 2003 SP2 Standard) and now it is
unable to be updated from the other server (running same server OS). Is
there a Firewall rule that I need to put in place?
It takes an Access Rule. If the update function does not use a standard
predefined protocol then you will have to create one. It will be an
*outbound* Protocol, so don't get hung up on that idea.
If you want the Rule to be a specific as possible then create a Computer
Object for the McAfee Server. Then the Rule will look like this:
From: [McAfee Server Computer Object]
To: LocalHost Network [This is a predefined Object]
Protocol: <whatever protocol is required>
Users: "All Users" [All Users = anonymous,...yes it needs to be that]
Use Defaults on everything else
Also, during the install I told it that I wanted the Firewall Client
Share to be put on the ISA server but none of my workstations can browse
to that server. Everyone on the internal network can ping the ISA Server.
Forget it, that method is not worth the trouble and you don't really what
the Firewall sharing anything. The Firewall Client has been replaced by a
new one anyway. Download it from MS's site,...the KB Article is KB929556.
Just place it on a File Server that can be easily accessed from the
Clients,...or just stick it on a thumb drive and install it from that.
I *highly* recommend you configure the LAN for proxy autodetection via
WPAD.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or
Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Technet Library
ISA2004
http://technet.microsoft.com/en-us/library/cc302436(TechNet.10).aspx
ISA2006
http://technet.microsoft.com/en-us/library/bb898433(TechNet.10).aspx
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html
Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc
Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.mspx
Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------
.
- Follow-Ups:
- Re: Problem with updates
- From: Phillip Windell
- Re: Problem with updates
- References:
- Problem with updates
- From: DennisG
- Re: Problem with updates
- From: Phillip Windell
- Problem with updates
- Prev by Date: Re: ISA 2006 in a DMZ
- Next by Date: Re: Listening IP Address
- Previous by thread: Re: Problem with updates
- Next by thread: Re: Problem with updates
- Index(es):
Relevant Pages
|
Loading
