[isapros] http updates with system policy
- From: "Greg Mulholland" <gmulholland@xxxxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>
- Date: Fri, 9 Mar 2007 22:54:57 +1100
Im seeing something weird here hoping someone can help me out as its getting
late. Playing ISA 2006 with windows updates and antivirus updates.
Essentially i know the system policy rule that should allow http and http to
the sites in the "system policy allowed sites" namely windows updates. The
problem is the https doesn't seem to work, http works fine but im seeing
errors in the windows update client and a denied default rule in the
monitoring windows.
Now interestingly enough https://www.nai.com is one i need as well and if i
add that site to the system policy allowed sites i experience the same,
nothing. And even more interesting if i choose to put External object in the
"to" destination everything works a treat.
Why isn't the https side of that system policy rule working for the default
sites in that object. If i try hit https://www.windowsupdate.com i get
denied default rule.
Of course i can make a specific rule allowing https from the localhost to
those destination but if i read the description of what that system policy
rule should be doing i shouldn't have too.
I have confirmed this behaviour on two separate 2006 servers.
Anyone got any ideas
Greg
Other related posts:
