RE: Windowsupdate woes. (0x80072EFD, as usual)

From: Alexandre Gauthier <gauthiera@xxxxxxxxxxxxxxxxx>
To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
Date: Fri, 18 Nov 2005 13:50:58 -0500
Heyo Tom.

 

Thank you for the reply; it gave me the fuzzies down my stomach. Or maybe
that was just gas, I am not quite sure. Time will tell. I like to think it's
the fuzzies, though.

 

I read back my rather impressive spilling of unspeakable horrors a pompous
person would dare call a manuscript, which I posted today, and realized I
failed to mention two important things, since I was all motivated by my
inner passion and fuelled by my desire to be enlightened about this oddity.

 

As random as it may sound, we are not using the HTTP proxy features of ISA
*at all*. We instead rely on the
cheap-lay-with-indian-tech-support-that-claims-to-do-stuff-but-doesn't-reall
y eTrust Secure Content Manager product created by the sweetie pies over at
Computer Associates (I wonder how much they pay for that two letter domain
name?).

 

I did check that before posting, IE is not using any proxy of any kind, and
the firewall client configuration that is pushed to the stations doesn't
apply its dictatorship against any IE settings that might be found there. If
it was just that, I would have obeyed like circus monkey and clicked the
HTTP 1.1 through proxy (regardless of how that is really called in the
English version of windows) like a docile little Network Analyst and would
have went on with my journey, applying KBs while singing Christmas carols to
annoy co-workers awaiting the next black Tuesday with much anticipation.

 

So that is close, but no cigar...

 

However, I will give a look to the configuration settings once again,
perhaps I missed something.

 

Thank you for spending some of your time reading my junk :-)

 

 

  _____  

De : Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Envoyé : 18 novembre 2005 09:34
À : [ISAserver.org Discussion List]
Objet : [isalist] RE: Windowsupdate woes. (0x80072EFD, as usual)

 

http://www.ISAserver.org

Hi Alex,

 

Why you incompetent fool who doesn't RTFM or read the step by step articles
or blog entries or the emails that pass through this list or troubleshoot
the issue before assailing my inbox with your level 1 support quality
questions. What do you think I have to do all day? Wait around for you to do
something dumb and come running to your begging hands?

 

OK, now that we have that out of the way, the problem in all likelihood is
not related to the FWC, but to the Web proxy configuration that takes place
automatically when the Firewall client is installed. So, its not your fault,
its the incompetent "open a port firewall admin" who set up the ISA
firewall's Web proxy configuration settings for Firewall clients and his
inability to comprehend the concepts of Direct Access, Access Rules, and the
Windows Update site's ABYSMAL SUPPORT for authenticating Web proxies.

 

Does that give you a head start?

 

:-))

 

Tom

 

Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/> 
Blog: http://spaces.msn.com/members/drisa/
<http://spaces.msn.com/members/drisa/> 
Book:  <http://tinyurl.com/3xqb7> http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**

 

 


  _____  


From: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx] 
Sent: Friday, November 18, 2005 8:27 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Windowsupdate woes. (0x80072EFD, as usual)

http://www.ISAserver.org

Good morning. I hope all of you guys are twitching around with glee, unable
the contain the warm and loving feeling of upcoming snow and the beginning
of winter as you hold whatever book you are reading right now clenched
tightly into your groin. (For my part, it's "Version control with
Subversion", if you're interested. I know you aren't, but I decided you
would be.)

 

So, I know this has been discussed over and over on this very list, and you
probably clicked this mail, all worked up about telling me to go read the
articles and google around, and especially read the step-by-step, easy to
understand guides posted here and here, and perhaps even go so far as to
scream, among the braying and neighing of barnyard animals, to go check my
ISA logs so I can find proof of my own incompetence and clumsiness and
properly configuring a rule to allow it. Oh yes, I can see you, your finger
throbbing with expectation over the mouse button, ready to fire up a
vitriolic message.

 

But no, no, I assure you, this seems different. It should not even concern
ISA Server, but rather, just the Firewall Client.

 

I have recently moved to a new workstation at work here, and while
reinstalling my stuff, I decided to pay windowsupdate.com a visit, for it
would be more efficient than just trying to bear the excruciatingly wrongly
configured SUS server here, which is not exactly working. To much of my
surprise, it worked fine. My workstation is currently NAT'ed through the
Netscreen, so I have no need for the Firewall Client to be installed right
now.

 

Yesterday, I installed the firewall client, for support, thrills, kicks and
excitement about seeing my winsock layer and TCP/IP stack brutally violated,
in an unspeakable manner, and surprise surprise, Windows update no longer
works. Not really surprising, I say. It has not been configured in ISA.

 

But my problem here is this:

 

   Windows update fails with the same behaviour (error messages and such in
windowsupdate.log) as noted in KB Articles and previous posting - EVEN WHEN
THE ISA CLIENT IS DISABLED.

 

So get this: Windowsupdate will fail *THE SPLIT SECOND* The Firewall Client
is *installed*. It doesn't have to be actually working or do anything
useful, just be *there*.

 

And my machine is not going through secureNAT, but plain good old NAT.

 

And it fails, just as if a firewall of some sort was blocking connections or
something was wrong with BITS. Everything is up to date and patched, I
followed every direction if every KB article - I remind you, it used to
work. Then I installed the Firewall Client, and immediately checked. It
doesn't work now. Even if the Firewall client is disabled on my desktop.

 

Any ideas?

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gauthiera@xxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
RE: Windowsupdate woes. (0x80072EFD, as usual)

Other related posts:
