RE: How to allow ISA 2004 to contact SUS server?

• From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 13 Oct 2004 22:15:59 -0700

1. "Edit System Policies"
2. Scroll all the way down to the bottom to "Allowed Sites"
3. click the "To" tab
4. click "Add"
5. Click "New", then "Computer"
6. Enter "172.16.0.231" in the IP field
7. Click "Add" to add it to the destinations list

..you're a big boy...
I bet you can sort out the rest...

Jim

-----Original Message-----
From: Raji Arulambalam [mailto:RajiA@xxxxxxxxxxxxxx] 
Sent: Wednesday, October 13, 2004 3:25 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] How to allow ISA 2004 to contact SUS server?

http://www.ISAserver.org

Hi

We have an internal SUS server that downloads patches from the MS site.
Once these are approved, local machines updates from here.
How do I allow the ISA Server 2004 to contact this local SUS server and
download updates.?
I've added this internal server to the 'System Policy Allowed Sites'
domain set, and System policy #17 is enabled.

Do I need a FW policy rule as well to allow for local host -> internal
http requests?

Log files below

172.16.0.10, anonymous, Industry Update Control, -, 10/14/2004, 9:52:27,
-, HERMES, -, -, 172.16.0.231, 80, 1, 141, 262, -, -, HEAD,
/iuident.cab?0410132052, -, -, 12202, -, -, -, -, -, 0x0, Denied
172.16.0.10, anonymous, Industry Update Control, -, 10/14/2004, 9:52:27,
-, HERMES, -, -, 172.16.0.231, 80, 1, 140, 2256, -, -, GET,
/iuident.cab?0410132052, -, -, 12202, -, -, -, -, -, 0x0, Denied
172.16.0.10, anonymous, Industry Update Control, -, 10/14/2004, 9:52:27,
-, HERMES, -, -, 172.16.0.231, 80, 1, 263, 2256, -, -, GET,
/wutrack.bin?V=1&U=1298a8e9f3151942bb95522155d0ce5f&C=au&A=s&I=&D=&P=5.2
.ece.2.110.3.0&L=en-US&S=f&E=80190193&M=ver%3D5.4.3790.0&X=0410132052283
63, -, -, 12202, -, -, -, -, -, 0x0, Denied
=========
HERMES, 10/14/2004, 9:52:27, TCP, 172.16.0.10:4019, 172.16.0.231:80,
172.16.0.10, Local Host, Internal, Establish, 0x0, Allow HTTP/HTTPS
requests from ISA Server to specified sites, HTTP, -, 0, 0, 0, 0, -, -,
-, -, -, -, -, -, 2, 3378, -, -, -
HERMES, 10/14/2004, 9:52:27, TCP, 172.16.0.10:4019, 172.16.0.231:80,
172.16.0.10, Local Host, Internal, Terminate, 0x80074e24, Allow
HTTP/HTTPS requests from ISA Server to specified sites, HTTP, -, 0, 0,
262, 262, -, -, -, -, -, -, -, -, 2, 3378, -, -, -
HERMES, 10/14/2004, 9:52:27, TCP, 172.16.0.10:4020, 172.16.0.231:80,
172.16.0.10, Local Host, Internal, Establish, 0x0, Allow HTTP/HTTPS
requests from ISA Server to specified sites, HTTP, -, 0, 0, 0, 0, -, -,
-, -, -, -, -, -, 2, 3379, -, -, -
HERMES, 10/14/2004, 9:52:27, TCP, 172.16.0.10:4020, 172.16.0.231:80,
172.16.0.10, Local Host, Internal, Terminate, 0x80074e24, Allow
HTTP/HTTPS requests from ISA Server to specified sites, HTTP, -, 0, 0,
2256, 2256, -, -, -, -, -, -, -, -, 2, 3379, -, -, -

RajiA

Email disclaimer: This email and any attachments are confidential. If
you are not the intended recipient, do not copy, disclose or use the
contents in any way. If you receive this message in error, please let us
know by return email and then destroy the message. Environment Bay of
Plenty is not responsible for any changes made to this message and/or
any attachments after sending.
******************************************************
This e-mail has been checked for viruses and no viruses were detected.

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail from this domain has been virus-scanned.

Other related posts:

• » How to allow ISA 2004 to contact SUS server?
• » RE: How to allow ISA 2004 to contact SUS server?
• » RE: How to allow ISA 2004 to contact SUS server?

1. Home
2. isalist
3. Archive
4. 10-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---