[isapros] Re: [ISAServer] ISA, SP2 and the last patches

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: <isapros@xxxxxxxxxxxxx>
• Date: Wed, 12 Jul 2006 19:00:10 -0500

Internal and external interfaces on the same network ID?

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 

> -----Original Message-----
> From: Frédéric ESNOUF [mailto:frederic@xxxxxxxxxx] 
> Sent: Wednesday, July 12, 2006 4:29 PM
> To: isaserver@xxxxxxxxxxxxxxx
> Subject: Re: [ISAServer] ISA, SP2 and the last patches
> 
> There are 2 interfaces on this machine : 192.168.197.204 is 
> supposed to be 
> LAN and 192.168.197.203 is supposed to be the LAN.
> 
> In this scenario, my machine uses only the WAN Card, which is 
> the one which 
> has a default gateway.
> 
> Thanks
> 
> Frédéric ESNOUF (MCSE - ISA MVP)
> Email : frederic@xxxxxxxxxx
> Visit ISAServerFR.org
> You plan to implement Quarantine on ISA 2004 ?
> Check this : http://www.esnouf.net/qss_main.htm
> Download QSS, learn with videos and screenshots...
> Buy my book onine : www.esnouf.net, and click the Amazon link.
> ----- Original Message ----- 
> From: "Jim Harrison (ISA)" <Jim.Harrison@xxxxxxxxxxxxx>
> To: <isaserver@xxxxxxxxxxxxxxx>
> Sent: Wednesday, July 12, 2006 11:18 PM
> Subject: RE: [ISAServer] ISA, SP2 and the last patches
> 
> 
> Is this a single-ended ISA?
> I only see one interface here...
> 
> Jim Harrison
> I absolutely hate "the customer can stand on their left foot, 
> hold one hand 
> over their head and chant "booga-wonka-whee!" while pressing 
> CTRL-ALT-WIN-PrtScn-SrlLk twice in rapid succession three 
> times" answers to 
> technical issues...
> 
> 
> 
> -----Original Message-----
> From: Jim Harrison (ISA) [mailto:Jim.Harrison@xxxxxxxxxxxxx]
> Sent: Wednesday, July 12, 2006 2:16 PM
> To: isaserver@xxxxxxxxxxxxxxx
> Subject: RE: [ISAServer] ISA, SP2 and the last patches
> 
> Just so I can verify that I'm not going (more) insane, please 
> tell me you 
> have a NAT device between your ISA and the Internet?
> This address pair just ain't possible otherwise:
> Source: 192.168.197.204
> Destination: 207.46.225.60
> 
> Jim Harrison
> I absolutely hate "the customer can stand on their left foot, 
> hold one hand 
> over their head and chant "booga-wonka-whee!" while pressing 
> CTRL-ALT-WIN-PrtScn-SrlLk twice in rapid succession three 
> times" answers to 
> technical issues...
> 
> 
> 
> -----Original Message-----
> From: Frédéric ESNOUF [mailto:frederic@xxxxxxxxxx]
> Sent: Wednesday, July 12, 2006 2:00 PM
> To: isaserver@xxxxxxxxxxxxxxx
> Subject: Re: [ISAServer] ISA, SP2 and the last patches
> 
> Jim,
> 
> In add/remove programs I have : www.esnouf.net/upd/addremove.gif.
> 
> All the traces are in www.esnouf.net/upd/
> 
> 
>     * goodmicrosoftdotcom.cap : I connect Microsoft.com and 
> it works fine
>     * badmicrosoft-malformed.cap : I connect Microsoft, but 
> the dispay is
> weird display, that kind : http://fesnouf.online.fr/upd/bug1.gif
>     * badmicrosoft-malformed2.cap : another example, with less frames.
>     * badmicrosoft-clickANonDisplayedImage.cap : this one is 
> interesting. I
> have the page of Microsoft.com, but some of the images are 
> not displayed (a
> cross: http://fesnouf.online.fr/upd/bug3.gif). I click on it, 
> and get these
> frames in the capture... and on the screen :
> http://fesnouf.online.fr/upd/bug2.gif
> 
> I have no special event on the ISA itself.
> 
> Thanks for your help.
> 
> regards
> 
> 
> Frédéric ESNOUF (MCSE - ISA MVP)
> Email : frederic@xxxxxxxxxx
> Visit ISAServerFR.org
> You plan to implement Quarantine on ISA 2004 ?
> Check this : http://www.esnouf.net/qss_main.htm
> Download QSS, learn with videos and screenshots...
> Buy my book onine : www.esnouf.net, and click the Amazon link.
> ----- Original Message ----- 
> From: "Jim Harrison (ISA)" <Jim.Harrison@xxxxxxxxxxxxx>
> To: <isaserver@xxxxxxxxxxxxxxx>
> Sent: Wednesday, July 12, 2006 10:28 PM
> Subject: RE: [ISAServer] ISA, SP2 and the last patches
> 
> 
> Let's please respond in terms of the current deployment, shall we?
> Also, the 915045 patch was superseded by the 916106 patch, 
> which is "the
> latest".
> 
> Frédéric; can you get simultaneous ISA captures of the requests?
> Can you verify in Add/Rmv Programs which patch is installed?
> What about your app event logs or ISA alerts?
> 
> Jim Harrison
> I absolutely hate "the customer can stand on their left foot, 
> hold one hand
> over their head and chant "booga-wonka-whee!" while pressing
> CTRL-ALT-WIN-PrtScn-SrlLk twice in rapid succession three 
> times" answers to
> technical issues...
> 
> 
> -----Original Message-----
> From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
> [mailto:sbradcpa@xxxxxxxxxxx]
> Sent: Wednesday, July 12, 2006 1:12 PM
> To: isaserver@xxxxxxxxxxxxxxx
> Subject: Re: [ISAServer] ISA, SP2 and the last patches
> 
> "We" who run SBS doe
> 
> Error message when you try to access a Web site from a Web browser
> client that is located behind a computer that is running ISA 
> Server 2004
> with SP2: "Error Code: 502 Proxy Error":
> http://support.microsoft.com/kb/915045/
> 
> If you use a computer that is running Microsoft Small Business Server
> 2003 Premium Edition with ISA 2004, you may not be prompted 
> for reboot.
> To ensure that the patch is applied correctly on SBS computer, this
> patch should be installed using the following command: ||
> 
> msiexec /p "<PATH TO HOTFIX>\ISA2004SE-KB916106-x86-ENU.msp" 
> REBOOT=FORCE
> 
> 
> 
> Jim Harrison (ISA) wrote:
> 
> >No; "we" don't normally reboot after ISA patches unless the installer
> >instruct you to do so.
> >
> >Frédéric; can you provide some captures or ISA logs?
> >Do you see anything in application events or the ISA logs 
> for this traffic?
> >What is the OS language?
> >What is the ISA language (should match the OS or be US-ENG).
> >
> >Jim Harrison
> >I absolutely hate "the customer can stand on their left 
> foot, hold one hand
> >over their head and chant "booga-wonka-whee!" while pressing
> >CTRL-ALT-WIN-PrtScn-SrlLk twice in rapid succession three 
> times" answers to
> >technical issues...
> >
> >
> >-----Original Message-----
> >From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
> >[mailto:sbradcpa@xxxxxxxxxxx]
> >Sent: Wednesday, July 12, 2006 12:08 PM
> >To: isaserver@xxxxxxxxxxxxxxx
> >Subject: Re: [ISAServer] ISA, SP2 and the last patches
> >
> >You rebooted after the last patches?
> >
> >(yes you don't have to reboot but we normally do anyway on 
> ISA patches)
> >
> >Frédéric ESNOUF wrote:
> >
> >
> >
> >>Hi guys,
> >>
> >>I am currently in the Carabeans (lucky me) to implement 3 
> ISA Servers.
> >>I am supposed to use these machine to do a lot of things, including
> >>OWA publishing.
> >>
> >>Yesterday everithing was fine (I was running SP1).
> >>
> >>I ran Windowsupdate and downloaded 2 things :
> >>   * SP2
> >>   * And some security patches (for the OS)
> >>Then, after that, a new Windowsupdated found 2 new things 
> including a
> >>patch for SP2.
> >>
> >>Now I am facing a big problem. No matter where I go with IE 
> (from the
> >>local host) I have error messages. It is the cas if I go on my OWa,
> >>and strange, if I connect some web site. Either it works, 
> it works but
> >>I get a very strange web page with no image, or an error 
> message liket
> >>this :
> >>
> >>Explanation: There is a problem with the page you are 
> trying to reach
> >>and it cannot be displayed.
> >>Error Code: 500 Internal Server Error. -107=
(-1073479663)
> >>
> >>Are you aware of any problem, I don't really see a logical 
> reason for
> >>this.
> >>
> >>Thanks for your quick help, I have a plane tomorrow morning ;-(.
> >>
> >>Regards
> >>
> >>Frédéric ESNOUF (MCSE - ISA MVP)
> >>Email : frederic@xxxxxxxxxx
> >>Visit ISAServerFR.org
> >>You plan to implement Quarantine on ISA 2004 ?
> >>Check this : http://www.esnouf.net/qss_main.htm
> >>Download QSS, learn with videos and screenshots...
> >>Buy my book onine : www.esnouf.net, and click the Amazon link.
> >>
> >>
> >>
> >>---
> >>To subscribe to the list - send an email to list@xxxxxxxxxxxxxxx
> >>In the subject line put in JOIN isaserver@xxxxxxxxxxxxxxx,
> >>youremailaddress
> >>
> >>To leave the list - send an email to list@xxxxxxxxxxxxxxx
> >>In the subject line put in LEAVE isaserver@xxxxxxxxxxxxxxx,
> >>youremailaddress
> >>
> >>Don't forget the comma!
> >>
> >>
> >>
> >
> >
> >
> 
> -- 
> Letting your vendors set your risk analysis these days?
> http://www.threatcode.com
> 
> If you are a SBSer and you don't subscribe to the SBS Blog... 
> man ... I will
> hunt you down...
> http://blogs.technet.com/sbs
> 
> ---
> To subscribe to the list - send an email to list@xxxxxxxxxxxxxxx
> In the subject line put in JOIN isaserver@xxxxxxxxxxxxxxx, 
> youremailaddress
> 
> To leave the list - send an email to list@xxxxxxxxxxxxxxx
> In the subject line put in LEAVE isaserver@xxxxxxxxxxxxxxx, 
> youremailaddress
> 
> Don't forget the comma!
> ---
> To subscribe to the list - send an email to list@xxxxxxxxxxxxxxx
> In the subject line put in JOIN isaserver@xxxxxxxxxxxxxxx, 
> youremailaddress
> 
> To leave the list - send an email to list@xxxxxxxxxxxxxxx
> In the subject line put in LEAVE isaserver@xxxxxxxxxxxxxxx, 
> youremailaddress
> 
> Don't forget the comma!
> 
> 
> 
> 
> ---
> To subscribe to the list - send an email to list@xxxxxxxxxxxxxxx
> In the subject line put in JOIN isaserver@xxxxxxxxxxxxxxx, 
> youremailaddress
> 
> To leave the list - send an email to list@xxxxxxxxxxxxxxx
> In the subject line put in LEAVE isaserver@xxxxxxxxxxxxxxx, 
> youremailaddress
> 
> Don't forget the comma!
> ---
> To subscribe to the list - send an email to list@xxxxxxxxxxxxxxx
> In the subject line put in JOIN isaserver@xxxxxxxxxxxxxxx, 
> youremailaddress
> 
> To leave the list - send an email to list@xxxxxxxxxxxxxxx
> In the subject line put in LEAVE isaserver@xxxxxxxxxxxxxxx, 
> youremailaddress
> 
> Don't forget the comma!
> ---
> To subscribe to the list - send an email to list@xxxxxxxxxxxxxxx
> In the subject line put in JOIN isaserver@xxxxxxxxxxxxxxx, 
> youremailaddress
> 
> To leave the list - send an email to list@xxxxxxxxxxxxxxx
> In the subject line put in LEAVE isaserver@xxxxxxxxxxxxxxx, 
> youremailaddress
> 
> Don't forget the comma!
> 
> 
> 
> 
> ---
> To subscribe to the list - send an email to list@xxxxxxxxxxxxxxx
> In the subject line put in JOIN isaserver@xxxxxxxxxxxxxxx, 
> youremailaddress
> 
> To leave the list - send an email to list@xxxxxxxxxxxxxxx
> In the subject line put in LEAVE isaserver@xxxxxxxxxxxxxxx, 
> youremailaddress
> 
> Don't forget the comma!
> 
> 

Other related posts:

• » [isapros] Re: [ISAServer] ISA, SP2 and the last patches
• » [isapros] Re: [ISAServer] ISA, SP2 and the last patches
• » [isapros] Re: [ISAServer] ISA, SP2 and the last patches
• » [isapros] Re: [ISAServer] ISA, SP2 and the last patches
• » [isapros] Re: [ISAServer] ISA, SP2 and the last patches
• » [isapros] Re: [ISAServer] ISA, SP2 and the last patches
• » [isapros] Re: [ISAServer] ISA, SP2 and the last patches
• » [isapros] Re: [ISAServer] ISA, SP2 and the last patches
• » [isapros] Re: [ISAServer] ISA, SP2 and the last patches
• » [isapros] Re: [ISAServer] ISA, SP2 and the last patches
• » [isapros] Re: [ISAServer] ISA, SP2 and the last patches
• » [isapros] Re: [ISAServer] ISA, SP2 and the last patches

1. Home
2. isapros
3. Archive
4. 07-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---