• Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Ad-aware firewall access

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Access Policies >> Ad-aware firewall access Page: [1]
Message << Older Topic   Newer Topic >>
Ad-aware firewall access - 19.Mar.2007 12:12:18 PM   


Posts: 3
Joined: 19.Mar.2007
Status: offline
I am trying to allow "Ad-aware SE" to access the internet. I have a rule that gives certain staff full internet access but "Ad-aware" will not update unless I give all users internet access. I have similar problems with a number of programs including one called "FTP commander". I also have a rule further up the list to block some users and if this is on it blocks Ad-aware even if I have given the all users group full access. I know I must be doing some thing wrong but I'm not sure what! Any help would be appreciated. 
Post #: 1
RE: Ad-aware firewall access - 23.Mar.2007 7:12:22 AM   


Posts: 23
Joined: 11.Mar.2007
Status: offline
There is an order in which ISA access rules are processed. Basically rules are processed from top to bottom. That is why the default rule is at the very bottom to deny all traffic that doesnt match any rules defined.

YOu need to see what protocols are used by your apps to update (most certaintly http and possibly ftp) and then ensure traffic to those destinations aren't blocked. Obviously check the destinations to ensure they are legit sites you trust. Then create rules with the correct source/destination and user objects to ensure its not blocked.

You also need to note the permissions of the end users that are running these apps that are tring to self update. Some apps check to see if the user has local admin rights and if not, they terminate. Therefore, even if your access rules are correct, they wont even try to access the updates sites. Check ISA logs to ensure the clients are trying to access the updates


P.S. It doesnt hurt to read manuals you know ;-) Gives more of an incentive for the forum readers to answer if they see the question poster is making an effort themselves.

(in reply to paulcoyney)
Post #: 2
RE: Ad-aware firewall access - 23.Mar.2007 9:58:40 AM   


Posts: 3
Joined: 19.Mar.2007
Status: offline
The rule does not work no matter where I put it, top, bottom or middle. I am trying to do the updates on a computer that I have logged on to as the domain admin, so there should be no problems with user permissions.

I have been on an ISA course, I have read some books (including manuals) and looked on the web (isaserver.org etc), and I still don't think that ISA is as easy and intuitive to use as other firewalls I have used. This post was a last resort having exhausted all other avenues so thanks for your help.

(in reply to paulcoyney)
Post #: 3
RE: Ad-aware firewall access - 12.Apr.2007 10:53:43 AM   


Posts: 42
Joined: 20.Apr.2005
Status: offline
If it makes you feel any better, I have the same problem with Ad-aware, as well as a few other programs / sites. If I try coding Ad-aware to use a proxy server with user authentication, it fails every time. The only way I've gotten around this is to allow All Users access to *.lavasoft.com

I have the same issue with UPS and DHL. Our company uses their WorldShip and SwiftShip software respectively and we can't connect to their servers for updates or to send manifests. Once again, if I add proxy information to their software, it won't authenticate any of my users. I have to Allow all users access.....and all outbound traffic.


(in reply to paulcoyney)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Access Policies >> Ad-aware firewall access Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts