RE: ISA 2004 FW Client
- From: v-crinal@xxxxxxxxxxxxxxxxxxxx (Crina Li (MSFT))
- Date: Thu, 30 Jun 2005 10:30:07 GMT
Hi Shepcon,
Thank you for posting in SBS newsgroup.
>From your description, I understand you want to still use the ISA2000
firewall client after you have updated to ISA 2004 server. If I have
misunderstood your concerns, please do not hesitate to let me know.
Yes, you can still use the Firewall Client for ISA Server 2000 in an ISA
Server 2004 network. However, this is not recommended.
ISA Server 2004 supports a more secure way of communication between the
Firewall client and ISA Server, which involves the use of encryption using
a TCP control channel. We recommend you configure ISA Server 2004 to
accept connections only from clients communicating in this secure way.
However, this prevents earlier versions of Firewall Client software from
connecting. It also prevents any Firewall Client running Windows NT Server
4.0, Windows Millennium Edition, or Windows 98 from connecting.
If you DO want the ISA Server 2004 to support earlier versions of the
Firewall Client software, including Firewall client for ISA Server 2000 and
the Winsock Proxy client (from Microsoft Proxy Server 2.0); and you DO want
the ISA Server 2004 to support Firewall clients running earlier operating
systems, including Microsoft Windows NT? Server 4.0, Windows? Millennium
Edition, or Windows 98, we may change the settings by performing the
following steps:
1. In the console tree of ISA Server Management, click General.
2. In the details pane, click Define Firewall Client Settings.
3. On the Connection tab, click Allow non-encrypted Firewall client
connections.
Note:
- When you select this option, computers running earlier versions of
Firewall Client software are allowed to connect.
- When you select this option, non-encrypted traffic from authenticated
users will be blocked. Users are only authenticated if firewall policy
rules specifically require authentication.
Hope the information help and I look forward to your reply.
Best regards,
Crina Li (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: ISA 2004 FW Client
| From: "=?Utf-8?B?c2hlcGNvbg==?=" <shepcon@xxxxxxxxxxxxxxxxxxxxxxxxx>
| Subject: ISA 2004 FW Client
| Date: Wed, 29 Jun 2005 04:32:01 -0700
| | Newsgroups: microsoft.public.windows.server.sbs
| |
| I've completed several installs of SBS 2003 SP1 and I've found Susan's
| document for SP1 extremely helpful. I do have a few questions regarding
the
| ISA 2004 FW client following the Premium upgrade to SP1. Is it really
| necessary to install the ISA 2004 FW client if I'm already running the
ISA
| 2000 FW client? It seems to work just fine, but am I not seeing
something
| that I should be seeing? If I don't install the 2004 version of the FW
| client, will something not work that I'm not seeing now like monitoring?
Of
| course, with new computer installations, I'll install the 2004 version,
but I
| have many clients that are running the older 2000 ISA client and the time
to
| upgrade/reboot every PC would be nice to avoid. Also, the "auto" detect
| portion of the ISA 2004 FW client does not work as well as the ISA 2000
FW
| client. Is there a setting in ISA 2004 to configure this portion? I
know
| that ISA 2000 did have this, but these programs are so different and I
really
| haven't had time to learn the true differences.
|
| Thanks.
|
.
- References:
- ISA 2004 FW Client
- From: shepcon
- ISA 2004 FW Client
- Prev by Date: RE: MSSQL$Sharepoint service is Stopped SP1
- Next by Date: Network Browse issues over sbs2003 vpn connection
- Previous by thread: ISA 2004 FW Client
- Next by thread: Issues after installing ISA 2004 SP1
- Index(es):
Relevant Pages
|
