Re: SMS 2K3 Client on ISA 2004 can't talk to SMS server
- From: "Kim Oppalfens [MVP]" <""Kim dot Oppalfens\"@google mail.com">
- Date: Tue, 06 Nov 2007 10:18:19 +0100
Marc Ramsay wrote:
I have and ISA 2004 server in a Windows 2003 A/D domain with the SMS 2003 Advance Client installed. SMS SW & HW inventories are working as the server reports that it needs specific updates, however, the SMS client is unable to connect to the SMS server and retrieve those updates.Have you checked for any errors in sms client logs? See windows\system32\ccm\logs.
I have a firewall rule that states that all traffic is allowed between the ISA server and the SMS server for all users, even anonymous ones. However, a System Policy rule seems to take precidence. There are always three entries in the ISA log when communications between the client and server. The following is copied from the ISA server log:
Original Client IP Client Agent Authenticated Client Service Server Name Referring Server Destination Host Name Transport MIME Type Object Source Source Proxy Destination Proxy Bidirectional Client Host Name Filter Information Network Interface Raw IP Header Raw Payload Source Port Processing Time Bytes Sent Bytes Received Result Code HTTP Status Code Cache Information Error Information Log Record Type Log Time Destination IP Destination Port Protocol Action Rule Client IP Client Username Source Network Destination Network HTTP Method URL
10.158.10.50 GW1 - TCP - - 3412 0 0 0 0x0 0x0 0x0 Firewall 05/11/2007 2:17:13 PM 10.158.10.35 80 HTTP Initiated Connection Allow HTTP/HTTPS requests from ISA Server to specified sites 10.158.10.50 Local Host Internal - -
0.0.0.0 ccmhttp No Proxy GW1 TCP - - - - - - 0 16 2253 2431 12202 The ISA Server denied the specified Uniform Resource Locator (URL). 0x0 0x200 Web Proxy Filter 05/11/2007 2:17:13 PM 10.158.10.35 80 Denied Connection 10.158.10.50 anonymous CCM_POST /ccm_system/request
10.158.10.50 GW1 - TCP - - 3412 32 0 2253 0x80074e24 0x0 0x0 Firewall 05/11/2007 2:17:13 PM 10.158.10.35 80 HTTP Closed Connection Allow HTTP/HTTPS requests from ISA Server to specified sites 10.158.10.50 Local Host Internal - -
The connection is initiated and allowed by the "Allow HTTP/HTTPS requests from ISA Server to specified sites" System Policy rule, then it denies the specific URL, the the connection is closed.
I have added APP1 to the list of Allowed Sites (APP1 is the name of the SMS server - 10.158.10.35) without any success.
I cannot find anything anywhere regarding issues with the SMS Advanced Client on an ISA server, so I'm obviously missing something. If I turn off the Firewall Service on the ISA server then the SMS updates procede as normal, but this is not a viable work-around....
Any help would be appreciated.
--
"Everyone is an expert at something"
Kim Oppalfens - Sms Expert for lack of any other expertise
Windows Server System MVP - SMS
http://www.blogcastrepository.com/blogs/kim_oppalfenss_systems_management_ideas/default.aspx
.
- Prev by Date: Re: Reinstall AD Schema Extensions
- Next by Date: Re: SMS 2K3 Client on ISA 2004 can't talk to SMS server
- Previous by thread: Re: Reinstall AD Schema Extensions
- Next by thread: Re: SMS 2K3 Client on ISA 2004 can't talk to SMS server
- Index(es):
Relevant Pages
|
