RE: How to allow ISA 2004 to contact SUS server?
- From: "Raji Arulambalam" <RajiA@xxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 15 Oct 2004 13:07:23 +1300
Thanks Jim
I've got that.
The connection to the internal SUS server is anonymous, hence it gets denied.
How can I change it so the automatic updates service can go out?
172.16.0.10, anonymous, Industry Update Control, -, 10/15/2004, 9:29:48, -,
HERMES, -, -, 172.16.0.231, 80, 1, 141, 262, -, -, HEAD,
/iuident.cab?0410142029, -, -, 12202, -, -, -, -, -, 0x0, Denied
172.16.0.10, anonymous, Industry Update Control, -, 10/15/2004, 9:29:48, -,
HERMES, -, -, 172.16.0.231, 80, 1, 140, 2256, -, -, GET,
/iuident.cab?0410142029, -, -, 12202, -, -, -, -, -, 0x0, Denied
172.16.0.10, anonymous, Industry Update Control, -, 10/15/2004, 9:29:48, -,
HERMES, -, -, 172.16.0.231, 80, 1, 263, 2256, -, -, GET,
/wutrack.bin?V=1&U=1298a8e9f3151942bb95522155d0ce5f&C=au&A=s&I=&D=&P=5.2.ece.2.110.3.0&L=en-US&S=f&E=80190193&M=ver%3D5.4.3790.0&X=041014202949563,
-, -, 12202, -, -, -, -, -, 0x0, Denied
BTW just a question is nobody else having their ISA Server 2004 getting the MS
updates from an internal SUS server, if so how are they doing it.?
Cheers
RajiA
>> -----Original Message-----
>> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
>> Sent: Thursday, October 14, 2004 6:16 PM
>> To: [ISAserver.org Discussion List]
>> Subject: [isalist] RE: How to allow ISA 2004 to contact SUS server?
>>
>>
>> http://www.ISAserver.org
>>
>> 1. "Edit System Policies"
>> 2. Scroll all the way down to the bottom to "Allowed Sites"
>> 3. click the "To" tab
>> 4. click "Add"
>> 5. Click "New", then "Computer"
>> 6. Enter "172.16.0.231" in the IP field
>> 7. Click "Add" to add it to the destinations list
>>
>> ..you're a big boy...
>> I bet you can sort out the rest...
>>
>> Jim
>>
>> -----Original Message-----
>> From: Raji Arulambalam [mailto:RajiA@xxxxxxxxxxxxxx]
>> Sent: Wednesday, October 13, 2004 3:25 PM
>> To: [ISAserver.org Discussion List]
>> Subject: [isalist] How to allow ISA 2004 to contact SUS server?
>>
>> http://www.ISAserver.org
>>
>> Hi
>>
>> We have an internal SUS server that downloads patches from
>> the MS site.
>> Once these are approved, local machines updates from here.
>> How do I allow the ISA Server 2004 to contact this local SUS
>> server and
>> download updates.?
>> I've added this internal server to the 'System Policy Allowed Sites'
>> domain set, and System policy #17 is enabled.
>>
>> Do I need a FW policy rule as well to allow for local host
>> -> internal
>> http requests?
>>
>> Log files below
>>
>> 172.16.0.10, anonymous, Industry Update Control, -,
>> 10/14/2004, 9:52:27,
>> -, HERMES, -, -, 172.16.0.231, 80, 1, 141, 262, -, -, HEAD,
>> /iuident.cab?0410132052, -, -, 12202, -, -, -, -, -, 0x0, Denied
>> 172.16.0.10, anonymous, Industry Update Control, -,
>> 10/14/2004, 9:52:27,
>> -, HERMES, -, -, 172.16.0.231, 80, 1, 140, 2256, -, -, GET,
>> /iuident.cab?0410132052, -, -, 12202, -, -, -, -, -, 0x0, Denied
>> 172.16.0.10, anonymous, Industry Update Control, -,
>> 10/14/2004, 9:52:27,
>> -, HERMES, -, -, 172.16.0.231, 80, 1, 263, 2256, -, -, GET,
>> /wutrack.bin?V=1&U=1298a8e9f3151942bb95522155d0ce5f&C=au&A=s&
>> I=&D=&P=5.2
>> .ece.2.110.3.0&L=en-US&S=f&E=80190193&M=ver%3D5.4.3790.0&X=04
>> 10132052283
>> 63, -, -, 12202, -, -, -, -, -, 0x0, Denied
>> =========
>> HERMES, 10/14/2004, 9:52:27, TCP, 172.16.0.10:4019, 172.16.0.231:80,
>> 172.16.0.10, Local Host, Internal, Establish, 0x0, Allow HTTP/HTTPS
>> requests from ISA Server to specified sites, HTTP, -, 0, 0,
>> 0, 0, -, -,
>> -, -, -, -, -, -, 2, 3378, -, -, -
>> HERMES, 10/14/2004, 9:52:27, TCP, 172.16.0.10:4019, 172.16.0.231:80,
>> 172.16.0.10, Local Host, Internal, Terminate, 0x80074e24, Allow
>> HTTP/HTTPS requests from ISA Server to specified sites,
>> HTTP, -, 0, 0,
>> 262, 262, -, -, -, -, -, -, -, -, 2, 3378, -, -, -
>> HERMES, 10/14/2004, 9:52:27, TCP, 172.16.0.10:4020, 172.16.0.231:80,
>> 172.16.0.10, Local Host, Internal, Establish, 0x0, Allow HTTP/HTTPS
>> requests from ISA Server to specified sites, HTTP, -, 0, 0,
>> 0, 0, -, -,
>> -, -, -, -, -, -, 2, 3379, -, -, -
>> HERMES, 10/14/2004, 9:52:27, TCP, 172.16.0.10:4020, 172.16.0.231:80,
>> 172.16.0.10, Local Host, Internal, Terminate, 0x80074e24, Allow
>> HTTP/HTTPS requests from ISA Server to specified sites,
>> HTTP, -, 0, 0,
>> 2256, 2256, -, -, -, -, -, -, -, -, 2, 3379, -, -, -
>>
>> RajiA
>>
>> Email disclaimer: This email and any attachments are confidential. If
>> you are not the intended recipient, do not copy, disclose or use the
>> contents in any way. If you receive this message in error,
>> please let us
>> know by return email and then destroy the message. Environment Bay of
>> Plenty is not responsible for any changes made to this message and/or
>> any attachments after sending.
>> ******************************************************
>> This e-mail has been checked for viruses and no viruses were
>> detected.
>>
Email disclaimer: This email and any attachments are confidential. If you are
not the intended recipient, do not copy, disclose or use the contents in any
way. If you receive this message in error, please let us know by return email
and then destroy the message. Environment Bay of Plenty is not responsible for
any changes made to this message and/or any attachments after sending.
******************************************************
This e-mail has been checked for viruses and no viruses were detected.
Other related posts:
