[isalist] Re: my experience with surf control 5.5
- From: "Roy Tsao" <caohuiming@xxxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Sat, 13 Jan 2007 00:07:16 +0800
RE: [isalist] Re: my experience with surf control 5.5I know it is a crappy one.
Other filter like GFI Webmonitor does not require service stop
prior to installation. Problem is only for SC's filer!
----- Original Message -----
From: Jim Harrison
To: isalist@xxxxxxxxxxxxx
Sent: Friday, January 12, 2007 10:00 PM
Subject: [isalist] Re: my experience with surf control 5.5
That’s a crappy installer – period.
While it’s probably that installation of any filter might cause a fwsrv
restart, there is *NO* reason to stop the service prior to installation.
A *proper* installation wouldn’t restart the fwsrv until the installation
has completed *successfully*; otherwise, it should roll back the filter.
Jim
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Roy Tsao
Sent: Thursday, January 11, 2007 8:34 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: my experience with surf control 5.5
The key for this issue is ISA firewall service must be stopped before install
or uninstall SC,
I think I said this point about one year ago. Such point is not indicated in
SC installation guide.
----- Original Message -----
From: Ara Avvali
To: isalist@xxxxxxxxxxxxx
Sent: Friday, January 12, 2007 12:26 PM
Subject: [isalist] Re: my experience with surf control 5.5
Second post, No idea why characters are messed up but I thought it is worth
the share. Sorry for duplicate
I said let’s reboot the server one more time and see what happens. Web
filter didn’t start automatically again and I got this error on email
notifications: The connection between the SurfControl Web Filter and the ISA
server has been lost.
Oops that's not good and I didn't want to end up with a crashed server as
you said. So I took your advice to go the way of reinstalling everything.
Downloaded the new version of SQL express posted on their site. Then I
uninstalled SC and remove the msde too. Rebooted and went to the program files
folder and deleted SC and any sql server folder except the one for ISA (msfw).
Rebooted again and ISA came up fine with no error also the SC filter was
unregistered from add-in section. So this time I stopped ISA server control
service which stops the firewall, routing and remote access and job scheduler
service. Did the SQL installation (2005) and no problem. Installed SC and no
error as mentioned in previous emails when installation fails to stop the
firewall service. Then I stated services in opposite direction (server control
service, firewall, routing and remote access and job scheduler). Then I
rebooted the server and this time web filter stated automatically as it should.
Recreating rules for me was easy because I only have 2 rules. Denied
categories first and then allowed. No exception for any individual.
Thanks for giving me the warning otherwise I may have been down the same
road.
________________________________________
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Ball, Dan
Sent: Thursday, January 11, 2007 12:18 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: my experience with surf control 5.5
This was pretty much my experience, except that I also upgraded ISA at the
same time…
I backed up all configurations, then ran did the upgrade to ISA2006. I
then upgraded the SurfControl program to version 5.5, and ran into the same
scenario that you showed below. The install gave me an error message (same one
below), but kept running after I clicked OK. Realizing that it wanted the
Firewall Service stopped (and probably hadn’t installed the ISA plug-in
correctly), I stopped the Firewall Service and did a repair install of
SurfControl. I rebooted the server, and found that the SurfControl service was
set to manual. I started the service manually, and it seemed to start up fine,
appearing to work they way it should. I didn’t pay too much attention as to
why it was set to start manually…
I found out a couple of weeks later that the rules database was corrupt.
When I made a change to the rules database, it knocked the whole server down in
a matter of seconds. That was an extremely painful experience, took me awhile
to figure out what was wrong. What made it exceedingly difficult was that the
entire server was rendered useless, I couldn’t even log in via the local
console.
My suggestion: Re-install SurfControl as soon as you can, there is
probably a lingering issue there that you don’t want to find out about the
hard way. Backup all your configurations for SurfControl, uninstall it
completely (delete anything left over), then re-install and restore your
configuration. Apparently files are stored in a different location in version
5.5, which “might” be part of the problem. Once you get it back up and
running, go through your rules (in every possible area) and look for any
entries that say ERROR in the title. If you have any of those, delete all
rules that are referencing those entries, delete the offending customization,
and re-create it.
________________________________________
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Ara Avvali
Sent: Thursday, January 11, 2007 2:10 PM
To: undisclosed-recipients
Subject: [isalist] my experience with surf control 5.5
Ok
So I just want to share the story. I did re-image the server on another
machine and logged in to it. Then I did an in-place upgrade from 5.1 to 5.5. It
went smoothly telling me that it is going to upgrade rules and settings.
Rebooted the server and registered filter for ISA was upgraded to 5.5. So I let
it run for couple hours and checked on event logs and service status and
everything was cool.
Then I went ahead and did it on live server. This time damn thing gave me
the error which is attached during installation. Then it was installed and
rebooted. Upon reboot web filter service did not start automatically and I had
to it manually but everything seems to be working fine and no nasty event so
far. If I remember it correctly this error is related to the fact that SF can
not stop the firewall service on its own so you should stop it manually before
attempting the upgrade. I will post again for those who are interested. Just
have to figure it out why the web filter service does not start automatically
☹
All mail to and from this domain is GFI-scanned.
Other related posts:
