RE: Automatic Updates

From: "Aman Bedi" <gurkirpal.bedi@xxxxxxxxxxx>
To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
Date: Wed, 26 Jan 2005 17:36:27 -0500
Hi jim, 

The relevant log rows are there is that mail.
I will post the isainfo in a few mins.

Thanks

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Wednesday, January 26, 2005 5:22 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Automatic Updates

http://www.ISAserver.org

Please include log snips and your ISAInfo.
Your description is lacking critical information.

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Aman Bedi [mailto:gurkirpal.bedi@xxxxxxxxxxx] 
Sent: Wednesday, January 26, 2005 13:53
To: [ISAserver.org Discussion List]
Subject: [isalist] Automatic Updates

http://www.ISAserver.org


Hi guys , 

As I posted earlier I am having problem with auto updates. I was able to
go
to windows update site manually after I made changes as per jim's
article.
Created a rule ( windows update ) to allow access to all users to
windows
update sites ( http, https)my clients are proxy / firewall client.

Still my clients cannot access updates thru autoupdates. The evnt log
shows
event id 16 saying auto updates failed as could not connect. The ISA log
for
that time is as follows. 

The rule Windows Update is for all users 
And HTTP and HTTPs access is for authenticated users.

I am using ISA 2004

The log shows that svchost.exe tries to connect and uses firewall client
and
the user is scanbuy013$ (machinename$) which I guess is the system
account. 

The connection is initiated and closed instantly.

Do I have to add "system and network service" User for these rules ? or
is
that included in all authenticated users ?

Any help would be great as I have been trying on this thing since days..


-----
Aman
-----


Original Client IP      Client Agent    Authenticated Client    Service
Destination Host Name   Source Port     Processing Time Bytes Sent
Bytes Received  Result Code     HTTP Status Code        Cache
Information
Error Information       Log Record Type Log Time        Destination IP
Destination Port        Protocol        URL     Action  Rule    Client
IP
Client Username Source Network  Destination Network     HTTP Method

192.168.1.191   svchost.exe:3:5.1                       -       1701
0
0       0       0x0             0x0     0x0     Firewall
1/26/2005
15:57   64.4.21.188     443     HTTPS           Initiated Connection
Windows Update  192.168.1.191   SCANBUYHQ\SCANBUY013$   Internal
External        

192.168.1.191   svchost.exe:3:5.1                       -       1701
0
0       2151    0x80074e24              0x0     0x0     Firewall
1/26/2005 15:57 64.4.21.188     443     HTTPS           Closed
Connection
Windows Update  192.168.1.191   SCANBUYHQ\SCANBUY013$   Internal
External        

0.0.0.0 -       Yes     Proxy   -       0       0       2151    70
13      0x0     0x0     Web Proxy Filter        1/26/2005 15:57
64.4.21.188
443     -       -       Failed Connection Attempt       -
192.168.1.191   -       -       -       -

192.168.1.191   svchost.exe:3:5.1                       -       1700
109
0       0       0x0             0x0     0x0     Firewall
1/26/2005
15:57   64.4.21.188     80      HTTP            Initiated Connection
HTTP
and HTTPS access        192.168.1.191   SCANBUYHQ\SCANBUY013$   Internal
External        

192.168.1.191   svchost.exe:3:5.1                       -       1699
94
0       0       0x0             0x0     0x0     Firewall
1/26/2005
15:57   64.4.23.29      80      HTTP            Initiated Connection
HTTP
and HTTPS access        192.168.1.191   SCANBUYHQ\SCANBUY013$   Internal
External        


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gurkirpal.bedi@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
RE: Automatic Updates

Other related posts:
