Re: WSUS 2.0

Are you sure you have ISA installed? It should be ISA that's blocking the other firewall from starting, not the other way around. I'm OK with ignoring VPN if you don't need it, but I would want to know that ISA is installed, and is configured properly with the CEICW.

VPN is generally slower than RWW, but I recommend making sure ISA is installed, configured, and running properly.

I'm a WSUS lover, but I confess that for two client PCs, I'd probably use Automatic Updates set to auto-install. For the server, AU set to auto download and notify. I don't let servers boot unattended if I can avoid it, and you don't need this thing to automatically reboot in the middle of a backup or while someone is working.


"-Draino-" <guest@xxxxxxxxxxx> wrote in message news:C71ADCC5-D4D4-4E8F-B609-810854B25658@xxxxxxxxxxxxxxxx
Hi Dave,

Thanks for the info on WSUS. I am only talking about 2 client PC's one is the owner of the company and the other is his helper. Both PC's are XPSP2 machines and they both do their own updates with MS.

The VPN issue is troubling because the Verizon Westell 327a router has a setting for PPTP pass through and I have enabled it. It shows that port 1723 is forwarded and GRE is enabled. The problem I believe is that I can't access the SBS Premium firewall because RRAS has ipnat.sys running and is blocking access to the firewall. Just before the wizard is about to make changes the window says that it can't configure my firewall but when the wizard actually runs it shows that the firewall IS being configured.

I have heard that VPN is slow anyway. I am not sure I would ever use it but I would at least like to get it working.

I don't want to mess around with things that I don't need too. The server is running great and RWW is working fine. I can access the server and my 2 workstations using RWW with no issues.


D



"Dave Nickason [SBS MVP]" <gwdibble@xxxxxxxxxxxxxxxxxxxxxx> wrote in message news:D46B695A-0484-4C15-B6F7-0DF6BD4F99FB@xxxxxxxxxxxxxxxx
Whether or not to use WSUS is an individual decision. Personally, I find WSUS one of the most valuable parts of my server, because I no longer worry about patching client PCs. As importantly, I have a central console to monitor that the desktops are up to date. (I'm running SP1 rather than R2 - with R2, WSUS gains even more functionality due to the monitoring integration).

You can install WSUS 3 SP1 without first installing WSUS 2. If you don't already have 2 installed, IMO that would be the way to go. I'm not sure how an unrelated app would cause WSUS to start reporting errors, but there are a number of troubleshooting tools available, so if you run into this again, I recommend fixing rather than uninstalling.

VPN: In the Server Mgmt Console, go to the Internet tab and run the "Configure remote access" wizard. From there, make sure GRE is enabled on the firewalls at both the client and server ends (also known as Protocol (not port) 47, or sometimes PPTP pass-through). Make sure TCP port 1723 is open to the SBS. FYI, there are several client-side firewalls that can block VPN, including WLOC in its default configuration, and I'm pretty sure the Vista one as well. Disabled GRE or other firewall settings seem to be the primary cause of VPN issues. BTW, have you considered RWW as an alternative to VPN?


"-Draino-" <guest@xxxxxxxxxxx> wrote in message news:E65D3982-886C-412D-BA19-67ECCDDB9970@xxxxxxxxxxxxxxxx
Hey All,

Everything is working on my new SBS2003 Premium Server except VPN. For the life of me I can't get this simple thing to work. But that is the least of my problems right now.

The ONLY thing I have uninstalled is WSUS 2.0. I was getting an error every 5 seconds in the event viewer. My question is can I install WSUS 3.1 without reinstalling WSUS 2.0??? And more importantly do I need it? NOTHING has been disabled and nothing else has been uninstalled.

My client has had a third party install Xcelerator Software via RDP for package tracking and that's when I started getting the WSUS errors. I haven't talked to the Xcelerator people but the server is clean with no data at all.

Just wondering if WSUS is a needed component on it's own??


D

--






For The Best Web Hosting Money Can Buy Go To:
http://www.serverpoint.com/1028.html


.

Relevant Pages

  • Re: Feedback solicited - best way to harden a mail/web server?
    ... Was the system protected by a properly configured firewall? ... it's not a bad "starting point" and it can generate an IPtables rule ... > nor is there a web or ftp server; aside from that I haven't tried to secure ... Before I'll install some nifty application ...
    (comp.os.linux.security)
  • Re: need help re. office network install
    ... > and their network is a mess, the result of years of neglect. ... they have a gateway server w/ no special ... > firewall rules on it, they have a large DMZ that serves no purpose ... install anymore software on the firewall machine than is absolutely ...
    (comp.os.linux.networking)
  • Re: Rogue PHP file
    ... Chances are there is a phishing site on the server. ... Calling support on Monday morning is a free call and they have forensic investigation tools to let you know what is on that box. ... If someone has rights to install stuff on a system from inside the lan no amount of a firewall will help unless you have rules monitoring what's going on. ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS R2 ISA2004 Dark Arts
    ... And, yes, I installed the firewall clients on all of the desktops/laptops. ... I have installed SBS2003 R2 (and all service packs and WSUS updates). ... I install ISA2004 following the instructions exactly. ...
    (microsoft.public.windows.server.sbs)
  • Re: Trend SMB 3.0 Issues
    ... >> or it's name (specified during install). ... If I go directly to the site via IE (Server ... >> sounds like XP firewall. ... Look for blocked packets on the ports trend ...
    (microsoft.public.windows.server.sbs)