We recently upgraded from ISA Server 2000 to 2004 on SBS 2003 by installing SBS 2003 SP1. I just realized that we now need to upgrade the Firewall Client on all the workstations. Can we just install over the top of the ISA 2000 FWC, or does the old version need to be un-installed first? Does anybody have the syntax for an unattended install of the 2004 FWC? Thanks!
I think I may have found my answer. It looks like the 2000 firewall client DOES need to be un-installed before installing the 2004 firewall client.
Next I need to figure out how to automate this task. I think I can use the login script or a GP to do this also. I found a syntax to un-install the 2000 client: MsiExec.exe /X {8C7A59A8-9ABE-459A-9A93-08C281A4A264} /qn
Then force a reboot? Or maybe not necessary?
Then to install the new FWC: Path\Setup /v"[SERVER_NAME_OR_IP=ISA_Server_Name] [ENABLE_AUTO_DETECT={1|0}] [REFRESH_WEB_PROXY={1|0}] /qn"
I haven't tried this yet, so I'd appreciate any feedback on an easier way, or any comments or suggestions.
Okay - there has got to be a better way to do this. I started writing a script to do this, and here are a few observations:
1) The old version has to be un-installed first.
2) I'm not familiar enough with GP software deployment to know how to uninstall the old software first, then install the new version after verifying the old version was removed.
3) The un-install of the 2000 Firewall Client requires the original installation files to be in the path it was installed from (\\servername\mspclnt) - but those files were overwritten by the installation of ISA Server 2004.
I think I have figured out how to work around these issues, but ... It seems that upgrading from ISA 2000 to 2004 would be a common scenario and have an easy upgrade path. It doesn't seem like it should be this difficult, and it seems like other people would have run into this already.
The easiest solution I have come up with so far is to copy the FireWallClient 2004 files to a new share, and locate a set of the FireWallClient 2000 files and copy them to the original share. Then call a batch file from the login script that does the following:
1) Check to see if FWC 2004 was installed with proper exit codes - if so, exit.
2) If not, check to see if FWC 2000 has been un-installed with proper exit codes - if so, install FWC 2004 from the new modified share, saving exit codes; if not, run the un-install of FWC 2000, saving exit codes, and reboot.
There MUST be a better, easier way. Any suggestions?
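One way to write the batch file described in the post above, as an added example that is not the poster's own script. It checks for each client by looking up its product code under the Windows Installer uninstall registry key rather than by reading saved exit codes. Assumptions: the script runs with local administrator rights, the Firewall Client 2004 product code shown is a placeholder to be replaced, and the share name `\\servername\fwc2004` and the log path are hypothetical.

```batch
@echo off
rem Added example, not from the thread. Assumes local administrator rights.
setlocal

rem Product code of Firewall Client 2000, as given in the thread.
set "FWC2000={8C7A59A8-9ABE-459A-9A93-08C281A4A264}"
rem PLACEHOLDER: product code of Firewall Client 2004 (not given in the thread).
set "FWC2004={00000000-0000-0000-0000-000000000000}"
rem HYPOTHETICAL new share holding the 2004 client files. The 2000 files are
rem assumed to have been restored to the original \\servername\mspclnt share.
set "NEWSHARE=\\servername\fwc2004"
set "ISA=ISA_Server_Name"
set "UNINST=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
rem HYPOTHETICAL log location for the saved exit codes.
set "LOG=%SystemRoot%\Temp\fwc-upgrade.log"

rem 1) Firewall Client 2004 already registered? Nothing to do.
reg query "%UNINST%\%FWC2004%" >nul 2>&1
if not errorlevel 1 goto :done

rem 2) Firewall Client 2000 gone? Then install 2004. Otherwise remove 2000.
reg query "%UNINST%\%FWC2000%" >nul 2>&1
if errorlevel 1 goto :install

MsiExec.exe /X %FWC2000% /qn
set "RC=%ERRORLEVEL%"
>>"%LOG%" echo %DATE% %TIME% %COMPUTERNAME% uninstall FWC2000 rc=%RC%
rem 0 = success, 3010 = success with reboot required. Anything else: stop
rem here and leave the failure in the log instead of rebooting in a loop.
if "%RC%"=="0" goto :reboot
if "%RC%"=="3010" goto :reboot
goto :done

:reboot
shutdown -r -t 60 -c "Firewall Client upgrade: restarting in 60 seconds"
goto :done

:install
"%NEWSHARE%\Setup" /v"SERVER_NAME_OR_IP=%ISA% ENABLE_AUTO_DETECT=1 REFRESH_WEB_PROXY=1 /qn"
>>"%LOG%" echo %DATE% %TIME% %COMPUTERNAME% install FWC2004 rc=%ERRORLEVEL%

:done
endlocal
```

Because a failed uninstall ends the run without rebooting, a workstation that still has the 2000 client simply retries at the next logon, and the log shows which machines are stuck.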
Nice workaround! The best approach would be to use Group Policy software deployment first, then uninstall the Firewall client software via Group Policy deployment before the upgrade, and then reconfigure Group Policy after the upgrade is complete.