1. "Edit System Policies" 2. Scroll all the way down to the bottom to "Allowed Sites" 3. click the "To" tab 4. click "Add" 5. Click "New", then "Computer" 6. Enter "172.16.0.231" in the IP field 7. Click "Add" to add it to the destinations list ..you're a big boy... I bet you can sort out the rest... Jim -----Original Message----- From: Raji Arulambalam [mailto:RajiA@xxxxxxxxxxxxxx] Sent: Wednesday, October 13, 2004 3:25 PM To: [ISAserver.org Discussion List] Subject: [isalist] How to allow ISA 2004 to contact SUS server? http://www.ISAserver.org Hi We have an internal SUS server that downloads patches from the MS site. Once these are approved, local machines updates from here. How do I allow the ISA Server 2004 to contact this local SUS server and download updates.? I've added this internal server to the 'System Policy Allowed Sites' domain set, and System policy #17 is enabled. Do I need a FW policy rule as well to allow for local host -> internal http requests? Log files below 172.16.0.10, anonymous, Industry Update Control, -, 10/14/2004, 9:52:27, -, HERMES, -, -, 172.16.0.231, 80, 1, 141, 262, -, -, HEAD, /iuident.cab?0410132052, -, -, 12202, -, -, -, -, -, 0x0, Denied 172.16.0.10, anonymous, Industry Update Control, -, 10/14/2004, 9:52:27, -, HERMES, -, -, 172.16.0.231, 80, 1, 140, 2256, -, -, GET, /iuident.cab?0410132052, -, -, 12202, -, -, -, -, -, 0x0, Denied 172.16.0.10, anonymous, Industry Update Control, -, 10/14/2004, 9:52:27, -, HERMES, -, -, 172.16.0.231, 80, 1, 263, 2256, -, -, GET, /wutrack.bin?V=1&U=1298a8e9f3151942bb95522155d0ce5f&C=au&A=s&I=&D=&P=5.2 .ece.2.110.3.0&L=en-US&S=f&E=80190193&M=ver%3D5.4.3790.0&X=0410132052283 63, -, -, 12202, -, -, -, -, -, 0x0, Denied ========= HERMES, 10/14/2004, 9:52:27, TCP, 172.16.0.10:4019, 172.16.0.231:80, 172.16.0.10, Local Host, Internal, Establish, 0x0, Allow HTTP/HTTPS requests from ISA Server to specified sites, HTTP, -, 0, 0, 0, 0, -, -, -, -, -, -, -, -, 2, 3378, -, -, - HERMES, 10/14/2004, 9:52:27, TCP, 172.16.0.10:4019, 172.16.0.231:80, 172.16.0.10, Local Host, Internal, Terminate, 0x80074e24, Allow HTTP/HTTPS requests from ISA Server to specified sites, HTTP, -, 0, 0, 262, 262, -, -, -, -, -, -, -, -, 2, 3378, -, -, - HERMES, 10/14/2004, 9:52:27, TCP, 172.16.0.10:4020, 172.16.0.231:80, 172.16.0.10, Local Host, Internal, Establish, 0x0, Allow HTTP/HTTPS requests from ISA Server to specified sites, HTTP, -, 0, 0, 0, 0, -, -, -, -, -, -, -, -, 2, 3379, -, -, - HERMES, 10/14/2004, 9:52:27, TCP, 172.16.0.10:4020, 172.16.0.231:80, 172.16.0.10, Local Host, Internal, Terminate, 0x80074e24, Allow HTTP/HTTPS requests from ISA Server to specified sites, HTTP, -, 0, 0, 2256, 2256, -, -, -, -, -, -, -, -, 2, 3379, -, -, - RajiA Email disclaimer: This email and any attachments are confidential. If you are not the intended recipient, do not copy, disclose or use the contents in any way. If you receive this message in error, please let us know by return email and then destroy the message. Environment Bay of Plenty is not responsible for any changes made to this message and/or any attachments after sending. ****************************************************** This e-mail has been checked for viruses and no viruses were detected. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail from this domain has been virus-scanned.